Listen to this Post
How the mentioned vulnerabilities work (technical details):
The platform runs in “authenticated” mode but fails to enforce auth on several API endpoints due to missing middleware checks. Each endpoint handler receives `actor: { type: “none” }` and proceeds without rejection.
1. GET /api/heartbeat-runs/:runId/issues – No `assertCompanyAccess` call. An attacker with a valid run UUID (leaked via logs, error messages, or brute-force) can retrieve heartbeat run issues.
2. POST /api/cli-auth/challenges – Handler at `server/src/routes/access.ts:1638-1659` skips any actor verification. Returns challengeId, token, and a pre‑generated `boardApiToken` that becomes active upon challenge approval.
3. GET /api/skills/index and GET /api/skills/:skillName – No auth. Leak full agent heartbeat procedures, all API endpoints + parameters, authentication header formats, agent coordination protocol, and adapter configs.
4. GET /api/health – Unauthenticated disclosure of deploymentMode, deploymentExposure, authReady, bootstrapStatus, version, and feature flags.
All endpoints respond with HTTP 200 instead of 401/403, enabling data theft, internal API mapping, and building blocks for further attacks (e.g., RCE chain).
dailycve form:
Platform: Undercode
Version: 2026.403.0
Vulnerability: Auth bypass
Severity: Critical
date: 2026-04-16
Prediction: 2026-04-30
What Undercode Say:
Check if heartbeat issues endpoint is exposed
curl -s http://target:3100/api/heartbeat-runs/00000000-0000-0000-0000-000000000001/issues
Create CLI auth challenge unauthenticated
curl -s -X POST -H "Content-Type: application/json" -d '{"command":"test"}' http://target:3100/api/cli-auth/challenges
Leak agent instructions and API map
curl -s http://target:3100/api/skills/index
curl -s http://target:3100/api/skills/paperclip
curl -s http://target:3100/api/skills/paperclip-create-agent
Disclose deployment config
curl -s http://target:3100/api/health | jq '.deploymentMode, .version'
How Exploit:
Attacker probes `/api/health` to confirm version and mode. Then requests `/api/skills/paperclip` to obtain full internal API schema and authentication mechanism. Using a valid run UUID (guessed or from logs), attacker calls `/api/heartbeat-runs//api/cli-auth/challenges, receives a board API token, and uses it with open registration to generate persistent API keys for deeper access.
Protection from this CVE
- Add `assertCompanyAccess` to `GET /api/heartbeat-runs/:runId/issues` in
server/src/routes/activity.ts. - Add `assertBoard` to `POST /api/cli-auth/challenges` in
server/src/routes/access.ts. - Add authentication to skill endpoints:
GET /api/skills/available,index,:skillName. - Remove
deploymentMode,deploymentExposure, `version` from unauthenticated `/api/health` response, or gate full response behindassertBoard. - Implement global middleware rejecting `actor: { type: “none” }` for all `/api/` routes except an explicit public allowlist (health, sign-in, sign-up, webhooks).
Impact:
- Unauthenticated data exposure of heartbeat run issues, agent instructions, and full internal API structure.
- Reconnaissance: fingerprint deployment mode, version, features, and map entire API without credentials.
- Auth bypass stepping stone: CLI challenge creation leads to persistent API key generation, enabling RCE chain (reported separately).
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

