Authentication Bypass
Discription
github.com/navidrome/navidrome is vulnerable to Authentication bypass. The vulnerability is due to the DefaultGet function within auth.go which is used to retrieve the JWT secret key from the database. If the key is not found or an error occurs during retrieval, it defaults to using the hardcoded string not so secret. An attacker can use this for crafting a JWT with the sub claim set to any valid user account and signing this JWT with the known hardcoded…Read More
References
Back to Main