제출 #852864: AstrBotDevs AstrBot <= 4.25.5 Authentication Bypass by Spoofing (CWE-290)정보

제목AstrBotDevs AstrBot <= 4.25.5 Authentication Bypass by Spoofing (CWE-290)
설명# Technical Details An authentication bypass by spoofing exists in the `OpenApiRoute.chat_send` method in `astrbot/dashboard/routes/open_api.py` of AstrBot. The application authenticates OpenAPI callers with an API key, but later derives the effective command sender identity from the request-body `username`. A caller holding a valid `chat`-scope API key can submit `username="astrbot"` and be treated as an administrator by the downstream message pipeline. # Vulnerable Code File: `astrbot/dashboard/server.py` Method: OpenAPI API-key middleware Why: The middleware stores the trusted authenticated principal as `g.username = f"api_key:{api_key.key_id}"`. File: `astrbot/dashboard/routes/open_api.py` Method: `OpenApiRoute.chat_send` Why: The handler accepts user-controlled JSON `username`, resolves it, and overwrites the trusted principal with `g.username = effective_username`. File: `astrbot/core/platform/sources/webchat/webchat_adapter.py` Method: `WebChatAdapter.convert_message` Why: The adapter creates the sender object from attacker-controlled queue data using `MessageMember(username, username)`. File: `astrbot/core/pipeline/waking_check/stage.py` Method: `WakingCheckStage.process` Why: The admin authorization check trusts `event.get_sender_id()` and assigns `event.role = "admin"` when it matches `admins_id`. # Reproduction 1. Run AstrBot `<= 4.25.5` with dashboard and OpenAPI endpoints enabled. 2. Create a valid OpenAPI key with `chat` scope. 3. Send a control request to `POST /api/v1/chat` with `username="not-admin-user"` and message `"/name control_alias"`; observe that the admin-only command is denied. 4. Send an exploit request to `POST /api/v1/chat` with header `X-API-Key: <chat-scope-api-key>` and JSON body `{"username":"astrbot","session_id":"spoofed-session","message":"/name pwned_alias","enable_streaming":true}`. 5. Observe that the response contains `UMO name set to: pwned_alias`. 6. Confirm persistence in `data/data_v4.db` where the alias row has `creator_sender_id="astrbot"`. # Impact - A valid `chat`-scope API key holder can impersonate an administrator sender ID. - Admin-only builtin commands and plugins gated by `event.get_sender_id()` can become reachable over HTTP. - In the verified case, the attacker executed `/name` and persisted a forged alias record as the administrator identity.
원천⚠️ https://gist.github.com/YLChen-007/080ba55a71588dbbba3f27afed4c072c
사용자 Eric-d (UID 96861)
제출2026. 06. 09. PM 12:05 (1 월 ago)
모더레이션2026. 07. 17. PM 03:39 (1 month later)
상태수락
VulDB 항목379791 [AstrBotDevs AstrBot 까지 4.25.5 API open_api.py OpenApiRoute.chat_send 사용자 이름 약한 인증]
포인트들20

Want to know what is going to be exploited?

We predict KEV entries!