CVE-2024-10906
📋 TL;DR
This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in eosphoros-ai/db-gpt version 0.6.0 where the server's CORS middleware allows all origins (*), enabling attackers to make unauthorized requests to any server endpoint. This affects all users running the vulnerable version, even if the instance isn't publicly exposed, as CSRF attacks can originate from malicious websites visited by authenticated users.
💻 Affected Systems
- eosphoros-ai/db-gpt
📦 What is this software?
Db Gpt by Dbgpt
⚠️ Risk & Real-World Impact
Worst Case
An attacker could perform any action available through the server's API endpoints as the authenticated user, potentially leading to data theft, data manipulation, or complete system compromise depending on available endpoints.
Likely Case
Attackers could steal sensitive data, modify database queries, or execute unauthorized operations through the web interface by tricking authenticated users into visiting malicious websites.
If Mitigated
With proper CORS restrictions and CSRF protections, the server would reject unauthorized cross-origin requests, limiting attacks to same-origin scenarios only.
🎯 Exploit Status
Exploitation requires the attacker to trick an authenticated user into visiting a malicious website that makes cross-origin requests to the vulnerable server.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 0.6.0
Vendor Advisory: https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160
Restart Required: No
Instructions:
1. Update to the latest version of db-gpt. 2. Verify the CORS configuration restricts allowed origins appropriately. 3. Ensure CSRF protection mechanisms are properly implemented.
🔧 Temporary Workarounds
Restrict CORS Origins
allModify the CORS middleware configuration to only allow specific trusted origins instead of using wildcard (*).
Modify the uvicorn app configuration to set specific origins in CORSMiddleware
🧯 If You Can't Patch
- Implement network segmentation to isolate the db-gpt instance from user browsing environments
- Deploy a reverse proxy with strict CORS policies in front of the vulnerable server
🔍 How to Verify
Check if Vulnerable:
Check if the server responds with 'Access-Control-Allow-Origin: *' header to cross-origin requests.Check Version:
Check the db-gpt version in your deployment configuration or via package managerVerify Fix Applied:
Verify that cross-origin requests from untrusted origins are rejected with appropriate CORS error responses.📡 Detection & Monitoring
Log Indicators:
- Multiple failed cross-origin requests
- Unusual API endpoint access patterns from unexpected origins
Network Indicators:
- HTTP requests with 'Origin' headers to sensitive endpoints
- Cross-origin requests to internal endpoints
SIEM Query:
http.headers: "Access-Control-Allow-Origin: *" AND http.url: "/api/*"