FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object (e.g., {"$ne": ""}) as the password field. This NoSQL injection bypasses the password check, enabling login as any user including the root administrator. This issue has been fixed in version 4.14.9.5.
The login endpoint uses TypeScript type assertions without input data validation at runtime. An attacker can submit a MongoDB query operator object (e.g., {"$ne": ""}) in the password field instead of a string. The lack of actual data type verification causes the NoSQL query to the MongoDB database to be interpreted as always true, resulting in password verification bypass (Auth Bypass).
An unauthenticated remote attacker can log in as any user on the platform, including the root administrator account, gaining full control over the FastGPT platform and access to all data and configurations.
FastGPT should be updated to version 4.14.9.5, where the issue has been fixed. The patch is available in the vendor's repository: https://github.com/labring/FastGPT/releases/tag/v4.14.9.5
FastGPT (labring/FastGPT) in versions earlier than 4.14.9.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HFastgpt
APPFastgpt< 4.14.9.5
Related vulnerabilities
FastGPT: nieuwierzytelniony endpoint proxy HTTP umożliwia SSRF
FastGPT: RCE i eksfiltracja sekretów przez złośliwy Dockerfile w workflow CI/CD
FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulne...
FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, FastGPT's MCP (Model Context Protocol) to...
FastGPT is an AI Agent building platform. Prior to 4.14.10.3, the /api/core/app/mcpTools/runTool endpoint acce...