| 标题 | SuperAGI up to c3c1982 Authorization Bypass Through User-Controlled Key (CWE-639) |
|---|
| 描述 | # Technical Details
A Authorization Bypass exists in the `get_config_by_organisation_id` method in `superagi/controllers/config.py` of SuperAGI.
The application fails to verify if the requesting authenticated user belongs to the specified organization, allowing an Insecure Direct Object Reference (IDOR).
# Vulnerable Code
File: superagi/controllers/config.py
Method: get_config_by_organisation_id
Why: The endpoint uses `Depends(check_auth)` which only validates the validity of the JWT token, but it does NOT verify if the user belongs to the requested `organisation_id` passed in the URL. As a result, the application retrieves and decrypts stored API keys (such as OpenAI keys) of any organization and returns them to the attacker.
# Reproduction
1. Authenticate with an attacker account and obtain a valid JWT.
2. Read a victim organization's configs (for example, org_id=3) by sending the following request:
curl -s -H "Authorization: Bearer $JWT" "http://localhost:3000/api/configs/get/organisation/3"
# Impact
- API Key Theft: Attacker steals decrypted LLM API keys (OpenAI, Palm, etc.) belonging to other organizations.
- Financial Abuse: Stolen API keys can be used for unauthorized LLM API calls billed to the victim.
- Configuration Tampering: The companion setup endpoint follows the same pattern, allowing attackers to write configs to any organization.
|
|---|
| 来源 | ⚠️ https://gist.github.com/YLChen-007/678c631238f1767802bda057ea083936 |
|---|
| 用户 | Eric-z (UID 95890) |
|---|
| 提交 | 2026-03-27 12時47分 (24 日前) |
|---|
| 管理 | 2026-04-19 07時40分 (23 days later) |
|---|
| 状态 | 重复 |
|---|
| VulDB条目 | 300344 [transformeroptimus superagi 信息公开] |
|---|
| 积分 | 0 |
|---|