제출 #856813: poco-ai poco-agent 0.5.4 Missing Authentication for Critical Function (CWE-306)정보

제목poco-ai poco-agent 0.5.4 Missing Authentication for Critical Function (CWE-306)
설명# Technical Details An authorization flaw exists in the `create_task` method in `executor_manager/app/api/v1/tasks.py` of poco-agent allowing any network client to supply an arbitrary `user_id`, impersonate another user across the manager-to-backend internal trust boundary, and retrieve execution-scoped privileged resources tied to that identity. The manager forwards the attacker-controlled `user_id` into backend session creation, and the backend's runtime environment resolution (`env_var_service.get_runtime_env_map`) trusts the forwarded identity to decide whether `admins_only` system secrets should be returned. # Vulnerable Code File: executor_manager/app/api/v1/tasks.py Method: create_task (POST /api/v1/tasks route) Why: Accepts `request.user_id` directly from the request body and passes it into `TaskService.create_task()` with no authentication or caller-to-user binding. File: backend/app/services/env_var_service.py Method: get_runtime_env_map Why: Releases `admins_only` system environment variables whenever `requester_is_admin` is true, but trusts the forwarded `user_id` from the manager to determine this flag. # Reproduction 1. Seed a backend with an admin account and at least one system env var with `runtime_visibility=admins_only`. 2. Send an unauthenticated POST to executor-manager /api/v1/tasks with `user_id` set to the admin identity. 3. Observe that the backend creates a session bound to the spoofed admin user. 4. Verify via the backend internal runtime-env endpoint that the admin-spoofed user receives `admins_only` secrets while a regular user receives an empty map. # Impact - Impersonation of privileged identities across the manager-to-backend internal API trust boundary. - Retrieval of admin-only runtime secrets intended only for administrator-launched task executions. - Potential inheritance of execution-scoped resources tied to the spoofed identity (skills, plugins, presets, slash commands). - Unauthorized disclosure of runtime credentials and incorrect audit records.
원천⚠️ https://github.com/poco-ai/poco-claw/issues/137
사용자
 Erichen (UID 98955)
제출2026. 06. 12. AM 10:34 (1 월 ago)
모더레이션2026. 07. 17. AM 07:44 (1 month later)
상태중복
VulDB 항목379757 [poco-ai poco-claw 까지 0.5.4 executor_manager API tasks.py create_task 약한 인증]
포인트들0

Do you want to use VulDB in your project?

Use the official API to access entries easily!