जमा करें #793554: zhayujie chatgpt-on-wechat (CowAgent) 2.0.4 Unauthenticated Administrative API Accessजानकारी

शीर्षकzhayujie chatgpt-on-wechat (CowAgent) 2.0.4 Unauthenticated Administrative API Access
विवरणThe chatgpt-on-wechat Web Console exposes all administrative HTTP endpoints without any form of authentication or authorization. The HTTP server default, making all endpoints accessible to any client on the network or internet. An unauthenticated attacker can read and modify application configuration (including API keys), connect/disconnect messaging channels, upload arbitrary files, read application logs, and access memory content.
स्रोत⚠️ https://github.com/zhayujie/chatgpt-on-wechat/issues/2733
उपयोगकर्ता
 Yu_Bao (UID 89348)
सबमिशन31/03/2026 12:14 PM (3 महीनों पहले)
संयम11/04/2026 10:22 PM (11 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि356990 [zhayujie chatgpt-on-wechat CowAgent 2.0.4 Administrative HTTP Endpoint कमजोर प्रमाणीकरण]
अंक19

Do you need the next level of professionalism?

Upgrade your account now!