Submission #797643: smythos sre <= 0.0.15 Improper Authentication / Authorization Bypass (CWE-287 / CWE-63

Info

Title: smythos sre <= 0.0.15 Improper Authentication / Authorization Bypass (CWE-287 / CWE-63

Description:

# Technical Details

An authentication bypass and state injection vulnerability in the `AgentRuntime` engine allows an unauthenticated external attacker to arbitrarily manipulate and execute downstream internal agent components. By injecting specific HTTP headers (`X-DEBUG-INJ`), an attacker can force the runtime to accept an arbitrary execution tree containing malicious inputs, entirely bypassing any upstream authentication or authorization components configuring the Agent's flows.

# Vulnerable Code

File: packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts

Method: AgentRuntime constructor & runCycle()

Why: The runtime extracts internal debug headers (`X-DEBUG-RUN`, `X-DEBUG-INJ`) from the unauthenticated HTTP request prior to running any component-level validation. An insecure conditional check specifically maps the raw, unvalidated HTTP request body into a privileged internal state variable `this.xDebugPendingInject`. Later, during the `runCycle()` processing loop, the engine prioritizes this injected tree over the authentically configured database component graph.

# Reproduction

1. Start an agent application running `@smythos/sre` with `AgentRuntime` reachable via API processing. Ensure a flow graph where a restricted component (`critical_action`) sits behind an `auth_check` component.
2. The attacker crafts a request using `requests.post()` and supplies the `X-DEBUG-INJ: bypass-auth` header.
3. In the malicious request body, the attacker forces the state `ctx.active: true` and defines `"sourceId": "auth_check"` for the downstream `critical_action` component.
4. Sending this payload causes the engine to skip the real authentication endpoints and exclusively execute the attacker-supplied state graph.

# Impact

- Critical Authentication and Authorization Bypass leading to complete Agent Execution Flow hijacking.
- Depending on the internal node graph available to the execution environment, this trivially escalates into Remote Code Execution (RCE) via `ServerlessCode` or `ECMASandbox` nodes, data extraction, or arbitrary state corruption.
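
One way to keep the debug headers described above from reaching the runtime on unauthenticated requests, shown as an added example that is neither SmythOS code nor the project's fix. `gateDebugHeaders`, `DebugPolicy`, `GateResult` and `HeaderMap` are hypothetical names; only the two header names come from this report.

```typescript
// Added example: hypothetical names throughout, except the two header names from the report.
type HeaderMap = Record<string, string | string[] | undefined>;

interface DebugPolicy {
  debugEnabled: boolean;          // operator switch; assumed off in production
  callerIsAuthenticated: boolean; // decided by upstream auth before the runtime sees the request
}

interface GateResult {
  headers: HeaderMap;          // lower-cased headers that are safe to pass on
  stripped: string[];          // debug headers that were dropped (worth logging)
  allowInjectedState: boolean; // only true when the body may be read as debug state
}

const DEBUG_HEADERS: string[] = ["x-debug-run", "x-debug-inj"];

function gateDebugHeaders(incoming: HeaderMap, policy: DebugPolicy): GateResult {
  // Debug features require both the operator switch and an authenticated caller.
  const allow = policy.debugEnabled && policy.callerIsAuthenticated;
  const headers: HeaderMap = {};
  const stripped: string[] = [];
  let sawInject = false;

  for (const name of Object.keys(incoming)) {
    const lower = name.toLowerCase(); // HTTP header names are case-insensitive
    if (DEBUG_HEADERS.indexOf(lower) !== -1) {
      if (!allow) {
        stripped.push(lower); // drop the header instead of trusting it
        continue;
      }
      if (lower === "x-debug-inj") sawInject = true;
    }
    headers[lower] = incoming[name];
  }
  return { headers, stripped, allowInjectedState: allow && sawInject };
}
```

The request body should be read as injected state only when `allowInjectedState` is true; a non-empty `stripped` list on an unauthenticated request is a useful detection signal.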
Source: https://gist.github.com/YLChen-007/c6a4a6a5f4c8b9e758f72c07ca0cd30d
User: Eric-b (UID 96354)
Submitted: 2026-04-06 05:51 (21 days ago)
Moderation: 2026-04-25 15:52 (19 days later)
Status: Accepted
VulDB entry: 359601 [SmythOS sre up to 0.0.15 HTTP Header AgentRuntime.class.ts AgentRuntime X-DEBUG-RUN/X-DEBUG-INJ improper authentication]
Points: 20
