제출 #793554: zhayujie chatgpt-on-wechat (CowAgent) 2.0.4 Unauthenticated Administrative API Access정보

제목zhayujie chatgpt-on-wechat (CowAgent) 2.0.4 Unauthenticated Administrative API Access
설명The chatgpt-on-wechat Web Console exposes all administrative HTTP endpoints without any form of authentication or authorization. The HTTP server default, making all endpoints accessible to any client on the network or internet. An unauthenticated attacker can read and modify application configuration (including API keys), connect/disconnect messaging channels, upload arbitrary files, read application logs, and access memory content.
원천⚠️ https://github.com/zhayujie/chatgpt-on-wechat/issues/2733
사용자
 Yu_Bao (UID 89348)
제출2026. 03. 31. PM 12:14 (3 개월 ago)
모더레이션2026. 04. 11. PM 10:22 (11 days later)
상태수락
VulDB 항목356990 [zhayujie chatgpt-on-wechat CowAgent 2.0.4 Administrative HTTP Endpoint 약한 인증]
포인트들19

Interested in the pricing of exploits?

See the underground prices here!