EresusSecurity
Advisory içeriklerine dön
GHSA-wmv9-3qh3-9rpwCriticalCVSS: 9.8

MCPHub skipAuth Konfigürasyonu ile Kimlik Doğrulama Atlatma

Yayımlandı: 2026-04-16

Summary

Eresus Security discovered a critical authentication bypass in MCPHub versions <= 0.12.12. When systemConfig.routing.skipAuth is enabled, unauthenticated users can gain broad administrative access to the platform without presenting credentials.

This is not limited to a cosmetic guest mode. The vulnerable behavior affects:

  • authentication middleware;
  • admin authorization checks;
  • the public configuration endpoint.

Together, these allow anonymous users to reach privileged operations such as user management, configuration export, and MCP server administration.

Affected Component

  • Package: mcphub (npm)
  • Affected versions: <= 0.12.12
  • Patched versions: none at the time of publication
  • Advisory: GHSA-wmv9-3qh3-9rpw

Root Cause

The vulnerable behavior appears across several components:

  1. Authentication middleware returns early when skipAuth is enabled, without attaching a real user context.
  2. Admin authorization logic independently trusts the same flag and effectively treats anonymous traffic as administrative.
  3. /public-config disclosure reveals the skipAuth state and exposes elevated permissions to an unauthenticated caller.

This creates a clear exploitation chain:

  1. Fingerprint the instance using /public-config.
  2. Confirm skipAuth: true.
  3. Call admin-only endpoints directly.

Practical Impact

An attacker can:

  • enumerate users and admin accounts;
  • create, modify, or delete users;
  • export secrets and configuration;
  • create or manage MCP servers;
  • chain the issue into remote code execution when server registration is reachable.

Because the configuration state is externally visible, the issue also enables rapid internet-wide fingerprinting of exposed vulnerable instances.

Why This Matters

Configuration-driven bypasses are especially dangerous because they are often treated as “temporary convenience” settings. In reality, once the application encodes that setting as a trust primitive, the distinction between convenience and compromise disappears.

In MCPHub, skipAuth does not merely skip login UI. It rewires the trust model of the entire platform.

Mitigation Guidance

  1. Disable skipAuth on any instance reachable by other users or systems.
  2. Treat exposed instances with skipAuth: true as potentially compromised.
  3. Rotate exported secrets, bearer keys, API tokens, and credential material.
  4. Review user-management actions and configuration exports for suspicious access.
  5. Restrict access to administration endpoints with network controls and strong authentication.

Detection Considerations

Look for:

  • unauthenticated access to /public-config;
  • unexpected reads against /api/users or /api/mcp-settings/export;
  • account creation or privilege changes without normal authentication flows;
  • new or modified server definitions following anonymous access.

Credit

Reported by the Eresus Security Research Team.