Enviar #791081: SuperAGI up to c3c1982 Authorization Bypass Through User-Controlled Key (CWE-639)información

TítuloSuperAGI up to c3c1982 Authorization Bypass Through User-Controlled Key (CWE-639)
Descripción# Technical Details An Insecure Direct Object Reference (IDOR) exists in the `delete_agent`, `stop_schedule`, and `get_schedule_data` methods in `superagi/controllers/agent.py` of SuperAGI. The application fails to verify that the target agent belongs to the requesting user's organization. All three endpoints only validate the JWT token via `Depends(check_auth)` but perform no ownership check on the `agent_id` parameter. # Vulnerable Code File: superagi/controllers/agent.py Method: delete_agent (lines 383-420), stop_schedule (lines 238-256), get_schedule_data (lines 289-329) Why: The `delete_agent` endpoint queries `Agent.id == agent_id` without any org check, then marks the agent as deleted, terminates all its running executions, and stops any scheduled runs — affecting the victim's resources entirely. # Reproduction 1. Authenticate with an attacker account and obtain a valid JWT. 2. Delete victim's agent (soft delete + terminates all executions): curl -s -X PUT -H "Authorization: Bearer $JWT" "http://localhost:3000/api/agents/delete/1" 3. Stop victim's scheduled agent: curl -s -X POST -H "Authorization: Bearer $JWT" -H "Content-Type: application/json" "http://localhost:3000/api/agents/stop/schedule" -d '{"agent_id": 1}' 4. Read victim's agent schedule data: curl -s -H "Authorization: Bearer $JWT" "http://localhost:3000/api/agents/get/schedule_data/1" # Impact - Data Destruction: Deleting agents terminates all their executions and stops all schedules. - Service Disruption: Victim's automated agent pipelines are immediately stopped. - Information Disclosure: Agent schedule configurations (cron expressions, start times) are exposed.
Fuente⚠️ https://gist.github.com/YLChen-007/1d87985b274ce22c4294726d7758df8e
Usuario
 Eric-z (UID 95890)
Sumisión2026-03-27 13:00 (hace 24 días)
Moderación2026-04-19 18:13 (23 days later)
EstadoAceptado
Entrada de VulDB358248 [TransformerOptimus SuperAGI hasta 0.0.14 agent.py delete_agent/stop_schedule/get_schedule_data agent_id escalada de privilegios]
Puntos20

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!