CVE-2026-61450 in Gravinfo

Summary

by MITRE • 07/10/2026

Grav before 2.0.2 contains a Twig sandbox bypass that allows a page author (any admin.pages user, or anyone able to write to user/pages) to exfiltrate configuration secrets. Although the sandbox replaces the 'config' variable with a redacted facade and strips Config::get/toArray from the method allowlist, the raw container remains accessible via the allow-listed grav.offsetGet('config'), which returns the real Config object. Allow-listed object-dumping filters (json_encode, print_r, yaml_encode) then serialize that object at the PHP level without invoking the sandbox method gate, exposing the full config tree including plugin secrets such as SMTP credentials, API keys, and plugin DB credentials. This is an incomplete fix for GHSA-j274-39qw-32c9.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/10/2026

This vulnerability exists in Grav versions prior to 2.0.2 and represents a critical sandbox bypass that undermines the application's security model for page authors with administrative privileges. The flaw stems from an insufficient implementation of the Twig sandbox mechanism that was intended to protect sensitive configuration data. While the system correctly replaces the 'config' variable with a redacted facade and removes direct access methods like Config::get and Config::toArray from the method allowlist, it fails to properly restrict access to the underlying dependency injection container. The vulnerability specifically leverages the allow-listed grav.offsetGet('config') method which bypasses the sandbox restrictions by directly accessing the real Config object through the container interface. This represents a classic case of incomplete security hardening where defensive measures are circumvented through legitimate API pathways that were not properly considered during the sandbox design phase.

The operational impact of this vulnerability is severe as it enables unauthorized access to critical system secrets that should remain protected from page authors and administrative users with limited permissions. The configuration object contains sensitive information including SMTP credentials, API keys, database connection parameters for various plugins, and other cryptographic tokens that could be exploited by attackers to gain further access to the system or compromise external services. The vulnerability is particularly dangerous because it affects users who have write access to user/pages directory which is often granted to content authors or less privileged administrators in multi-user environments. Attackers can leverage the allow-listed object-dumping filters such as json_encode, print_r, and yaml_encode to serialize the Config object at the PHP level without triggering any sandbox method gates, effectively exposing the complete configuration tree including all plugin secrets. This creates a direct path for information disclosure attacks that can lead to credential theft, service compromise, and potential lateral movement within the network infrastructure.

The technical implementation of this vulnerability demonstrates a fundamental flaw in the security architecture where legitimate dependency injection container access points are not properly secured against unauthorized use by privileged users. The bypass occurs because the sandbox mechanism only protects direct method calls on the facade object rather than protecting access to the underlying container through legitimate offset getters that return actual objects. This design oversight creates an attack surface that allows privilege escalation through configuration data exposure, where attackers can extract sensitive credentials and system information without requiring additional privileges or exploiting other vulnerabilities. The vulnerability is particularly concerning as it represents a regression in security measures since it was previously identified and addressed in GHSA-j274-39qw-32c9, indicating that the fix was incomplete or improperly implemented. This type of vulnerability aligns with CWE-20: Improper Input Validation and CWE-502: Deserialization of Untrusted Data, where the security controls fail to properly validate or restrict access to sensitive objects through legitimate API pathways.

Mitigation strategies for this vulnerability require immediate application updates to Grav 2.0.2 or later versions that contain the proper fix for the sandbox bypass. System administrators should also implement additional monitoring and access controls to detect unauthorized configuration file modifications, particularly in user/pages directories where the vulnerability can be exploited. The recommended approach includes verifying that all users with write permissions to content areas are properly audited and that appropriate least privilege principles are enforced. Organizations should conduct comprehensive security reviews of their Grav installations to identify any potential exploitation attempts and ensure that sensitive configuration data is properly protected through multiple layers of defense. Additionally, implementing network-based monitoring for suspicious serialization activities and unauthorized access patterns can help detect exploitation attempts before they lead to successful credential theft or system compromise.

The vulnerability highlights the importance of proper security design principles and the need for comprehensive testing of sandbox mechanisms against various attack vectors. It demonstrates that even well-intentioned security measures can be defeated by overlooking legitimate API access points that bypass intended restrictions. This particular case emphasizes the critical nature of dependency injection container security and the need for thorough validation of all access paths to sensitive objects within application frameworks. The fix implemented in Grav 2.0.2 should serve as a reference for other CMS and framework developers to ensure that their sandbox implementations properly account for all potential access vectors through legitimate API interfaces while maintaining proper security boundaries around sensitive data access.

Responsible

VulnCheck

Reservation

07/09/2026

Disclosure

07/10/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!