Xagent
Monthly
OpenBMB XAgent 1.0.0 ShareServer WebSocket endpoint allows remote authentication bypass through manipulation of the interaction_id parameter in the check_user function, enabling unauthenticated attackers to access protected resources with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, the vendor was contacted but did not respond, and active exploitation remains possible.
OpenBMB XAgent 1.0.0 allows authenticated remote attackers to bypass authorization controls via manipulation of the interaction_id argument in the WebSocket ReplayServer endpoint (XAgentServer/application/websockets/replayer.py), enabling unauthorized access to replay functionality. The vulnerability requires low privileges and is difficult to exploit due to high attack complexity, but publicly available exploit code exists. No vendor patch has been released despite early disclosure notification.
OpenBMB XAgent 1.0.0 exposes sensitive API credentials in log files through improper handling of the api_key argument in the FunctionHandler.handle_tool_call function, allowing remote authenticated attackers with high privileges to disclose confidential information. The vulnerability is classified as information disclosure (CWE-200) with a CVSS score of 5.1 and has publicly available exploit code; however, the vendor has not responded to early disclosure notification.
OpenBMB XAgent 1.0.0 ShareServer WebSocket endpoint allows remote authentication bypass through manipulation of the interaction_id parameter in the check_user function, enabling unauthenticated attackers to access protected resources with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, the vendor was contacted but did not respond, and active exploitation remains possible.
OpenBMB XAgent 1.0.0 allows authenticated remote attackers to bypass authorization controls via manipulation of the interaction_id argument in the WebSocket ReplayServer endpoint (XAgentServer/application/websockets/replayer.py), enabling unauthorized access to replay functionality. The vulnerability requires low privileges and is difficult to exploit due to high attack complexity, but publicly available exploit code exists. No vendor patch has been released despite early disclosure notification.
OpenBMB XAgent 1.0.0 exposes sensitive API credentials in log files through improper handling of the api_key argument in the FunctionHandler.handle_tool_call function, allowing remote authenticated attackers with high privileges to disclose confidential information. The vulnerability is classified as information disclosure (CWE-200) with a CVSS score of 5.1 and has publicly available exploit code; however, the vendor has not responded to early disclosure notification.