| タイトル | chatchat-space Langchain-Chatchat 0.3.1.3 Missing Authorization / CWE-862 |
|---|
| 説明 | A vulnerability was found in chatchat-space Langchain-Chatchat x.x.x.x and classified as critical. Affected by this vulnerability are the functions files(), list_files(), retrieve_file(), retrieve_file_content(), and delete_file() of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py (lines 260–327) of the component OpenAI-Compatible File Service. The manipulation leads to missing authorization. The endpoints POST /v1/files, GET /v1/files, GET /v1/files/{file_id}, GET /v1/files/{file_id}/content, and DELETE /v1/files/{file_id} are exposed without any authentication or authorization check. In deployments where port 7861 is network-accessible — including the default Docker deployment using network_mode: host — any unauthenticated attacker can upload, enumerate, read, and delete files belonging to any user. This is further compounded by CORS configured with allow_origins=["*"], enabling cross-origin exploitation from arbitrary web pages. The attack may be launched remotely without privileges. The exploit has been disclosed to the public. It is recommended to add authentication middleware to all file service endpoints, enforce per-user file ownership validation, and restrict CORS to trusted origins.
details: https://github.com/3em0/cve_repo/blob/main/Langchain-Chatchat/Vuln-4-Missing-Auth-File-Endpoints.md |
|---|
| ソース | ⚠️ https://github.com/chatchat-space/Langchain-Chatchat/issues/5465 |
|---|
| ユーザー | Dem00 (UID 84913) |
|---|
| 送信 | 2026年04月19日 10:12 (2 月 ago) |
|---|
| モデレーション | 2026年05月05日 12:21 (16 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 361123 [chatchat-space Langchain-Chatchat 迄 0.3.1.3 Compatible File Service openai_routes.py 弱い認証] |
|---|
| ポイント | 20 |
|---|