제출 #811314: inkeep agents 0.58.14 Authentication Bypass (CWE-288)정보

제목inkeep agents 0.58.14 Authentication Bypass (CWE-288)
설명# Technical Details An Authentication Bypass vulnerability exists in the `createDevContext` function in `agents-api/src/middleware/runAuth.ts` of inkeep agents. The application fails to properly validate inputs and authenticate requests when the application is running in `development` or `test` mode, trusting the unverified `x-inkeep-tenant-id`, `x-inkeep-project-id`, and `x-inkeep-agent-id` HTTP headers. # Vulnerable Code File: agents-api/src/middleware/runAuth.ts Method: createDevContext Why: The function blindly prioritizes external `x-inkeep-*` HTTP headers over safe test defaults to construct a dummy user execution context, which allows bypassing strict API key authentication when developer bypass secrets or API keys are missing. # Reproduction 1. Ensure the agents-api application is running locally with `ENVIRONMENT=development` (which is the default). 2. Identify a protected endpoint, such as `/run/agents/{agent_id}/chat`. 3. Submit an unauthenticated POST request and inject targeted execution context parameters via the `x-inkeep-tenant-id`, `x-inkeep-project-id`, and `x-inkeep-agent-id` headers (e.g., `curl -X POST "http://localhost:3002/run/agents/target-agent/chat" -H "x-inkeep-tenant-id: hacked-tenant" ...`). # Impact - Authentication Bypass & Privilege Escalation (Tenant Takeover) allowing unauthenticated attackers to assume the identity of any registered platform tenant and project. - Unauthorized Data Access exposing cross-tenant interaction histories, metadata, and intelligent model configurations. - API Exhaustion / Billing Fraud where attackers can consume significant backend LLM tokens billed to impersonated victims.
원천⚠️ https://github.com/inkeep/agents/issues/3024
사용자
 Eric-d (UID 96861)
제출2026. 04. 23. AM 11:18 (1 월 ago)
모더레이션2026. 05. 11. PM 03:36 (18 days later)
상태수락
VulDB 항목362608 [inkeep agents 0.58.14 runAuth Middleware runAuth.ts createDevContext 약한 인증]
포인트들20

이전개요다음

Do you want to use VulDB in your project?

Use the official API to access entries easily!