{"uuid": "2e4298ba-6b18-47bf-8ec2-f65523124c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-QRWJ-VH9X-GW5V", "type": "seen", "source": "https://gist.github.com/alon710/ec3008cd5d92754b3b0eaadc74d4e7e1", "content": "# GHSA-QRWJ-VH9X-GW5V: GHSA-QRWJ-VH9X-GW5V: Cross-Agent Server-Side Request Forgery and Remote Code Execution in Coder Workspace Agent\n\n&gt; **CVSS Score:** 8.0\n&gt; **Published:** 2026-07-06\n&gt; **Full Report:** https://cvereports.com/reports/GHSA-QRWJ-VH9X-GW5V\n\n## Summary\nAn insecure redirect vulnerability in Coder allows an authenticated attacker who controls a workspace agent to perform unauthorized cross-agent file operations and achieve remote code execution in other workspaces. By exploiting default redirect-following behavior in the control-plane's HTTP client, a malicious agent can redirect legitimate requests to a victim's deterministic tailnet IP address.\n\n## TL;DR\nInsecure HTTP redirect handling in the Coder control plane allows a compromised agent to spoof requests to other workspace agents, enabling cross-tenant file writes and arbitrary code execution.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-918 (Server-Side Request Forgery)\n- **Attack Vector**: Network (AV:N)\n- **CVSS**: 8.0 (High)\n- **EPSS Score**: Not Available\n- **Impact**: Remote Code Execution (RCE) / Unauthorized File Access\n- **Exploit Status**: PoC (Proof of Concept)\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Coder Workspace Agent Client\n\n## Mitigation\n\n- Upgrade Coder deployment control plane and agent binaries to a patched version immediately.\n- Monitor workspace logs for unexpected redirection requests or unauthorized access attempts.\n\n**Remediation Steps:**\n1. Identify all running Coder deployments and verify current versioning.\n2. Download and install the appropriate patch release based on your version stream (v2.34.4, v2.33.10, v2.32.9, or v2.29.19).\n3. Restart the coderd control plane daemon to enforce the client configuration changes.\n4. Configure log aggregators to alert on the string 'blocked workspace agent API request to unintended host'.\n\n## References\n\n- [Official Security Advisory (GitHub)](https://github.com/coder/coder/security/advisories/GHSA-qrwj-vh9x-gw5v)\n- [Fix Pull Request #26600](https://github.com/coder/coder/pull/26600)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-QRWJ-VH9X-GW5V) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-07T00:11:42.414122Z"}