PT-2026-53409 · Pypi · Codechecker

Publicado

2026-06-29

·

Atualizado

2026-06-29

CVSS v4.0

9.3

Crítica

VetorAV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P

Summary

Authentication bypass occurs when the URL ends with Authentication with certain function calls. This bypass allows assigning arbitrary permissions to any existing user in CodeChecker.

Details

The following functions are affected under the Authentication endpoint: getAuthorisedNames, getPermissionsForUser, hasPermission, addPermission, and removePermission.
The vulnerability allows unauthenticated users to execute these function calls with arbitrary arguments. In the logs, the exploit shows as follows:
[INFO 2026-04-23 21:23] - 127.0.0.1:42654 -- [Anonymous] POST /v6.67/Authentication@getAuthorisedNames
[INFO 2026-04-23 21:23] - 127.0.0.1:42654 -- [Anonymous] POST /v6.67/Authentication@addPermission

Impact

An attacker with a CodeChecker user can effectively acquire superuser permissions by calling these endpoints.

Patch

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Identificadores relacionados

PYSEC-2026-317

Produtos afetados

Codechecker