Authentication Bypass
Discription

github.com/navidrome/navidrome is vulnerable to Authentication bypass. The vulnerability is due to the DefaultGet function within auth.go which is used to retrieve the JWT secret key from the database. If the key is not found or an error occurs during retrieval, it defaults to using the hardcoded string not so secret. An attacker can use this for crafting a JWT with the sub claim set to any valid user account and signing this JWT with the known hardcoded…Read More

Back to Main

Subscribe for the latest news: