Handler on Duty: Brad Duncan
Threat Level: green
| Published | 2026-04-16 01:16:11 |
|---|---|
| Last Modified | 2026-04-23 19:48:16 |
| AKA | CVE-2026-40502 |
| Summary | OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can execute administrative commands such as /permissions full_auto through remote chat sessions to change permission modes of a running OpenHarness instance without operator authorization. |
| Access Vector | Local | Adjacent | Network |
|---|---|---|---|
| Access Complexity | Low | Medium | High |
| Authentication | None | Single | Multiple |
| Confidentiality | None | Partial | Complete |
| Integrity | None | Partial | Complete |
| Availability | None | Partial | Complete |