| Titre | chatchat-space Langchain-Chatchat 0.3.1.3 Missing Authorization / CWE-862 |
|---|
| Description | A vulnerability was found in chatchat-space Langchain-Chatchat x.x.x.x and classified as critical. Affected by this vulnerability are the functions files(), list_files(), retrieve_file(), retrieve_file_content(), and delete_file() of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py (lines 260–327) of the component OpenAI-Compatible File Service. The manipulation leads to missing authorization. The endpoints POST /v1/files, GET /v1/files, GET /v1/files/{file_id}, GET /v1/files/{file_id}/content, and DELETE /v1/files/{file_id} are exposed without any authentication or authorization check. In deployments where port 7861 is network-accessible — including the default Docker deployment using network_mode: host — any unauthenticated attacker can upload, enumerate, read, and delete files belonging to any user. This is further compounded by CORS configured with allow_origins=["*"], enabling cross-origin exploitation from arbitrary web pages. The attack may be launched remotely without privileges. The exploit has been disclosed to the public. It is recommended to add authentication middleware to all file service endpoints, enforce per-user file ownership validation, and restrict CORS to trusted origins.
details: https://github.com/3em0/cve_repo/blob/main/Langchain-Chatchat/Vuln-4-Missing-Auth-File-Endpoints.md |
|---|
| La source | ⚠️ https://github.com/chatchat-space/Langchain-Chatchat/issues/5465 |
|---|
| Utilisateur | Dem00 (UID 84913) |
|---|
| Soumission | 19/04/2026 10:12 (il y a 2 mois) |
|---|
| Modérer | 05/05/2026 12:21 (16 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 361123 [chatchat-space Langchain-Chatchat jusqu’à 0.3.1.3 Compatible File Service openai_routes.py authentification faible] |
|---|
| Points | 20 |
|---|