Code100X
Monthly
Authentication bypass in code100x CMS Mobile API allows unauthenticated remote attackers to impersonate any enrolled user or administrator by supplying a crafted JSON payload in the 'g' HTTP header alongside an unvalidated 'Auth-Key' header. The middleware shortcuts identity verification whenever an Auth-Key is present without checking its value, letting downstream mobile course endpoints trust attacker-supplied identity claims. Publicly available exploit code exists via the upstream GitHub PR diff, though EPSS probability remains low at 0.08%.
Authentication bypass in code100x CMS Mobile API allows unauthenticated remote attackers to impersonate any enrolled user or administrator by supplying a crafted JSON payload in the 'g' HTTP header alongside an unvalidated 'Auth-Key' header. The middleware shortcuts identity verification whenever an Auth-Key is present without checking its value, letting downstream mobile course endpoints trust attacker-supplied identity claims. Publicly available exploit code exists via the upstream GitHub PR diff, though EPSS probability remains low at 0.08%.