Improper access control arbitrary allows account creation
June 9, 2025
Products Impacted
This vulnerability is present in all versions of BackendAI. We tested on version 25.3.3 (commit f7f8fe33ea0230090f1d0e5a936ef8edd8cf9959).
CVSS Score: 9.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE Categorization
CWE-284: Improper Access Control
Details
To sign up, an attacker can use the API endpoint /func/auth/signup. Then, using the login credentials, the attacker can access the account.
To reproduce this, we made a Python script to reach the endpoint and signup. Using those login credentials on the endpoint /server/login we get a valid session. When running the exploit, we get a valid AIOHTTP_SESSION cookie, or we can reuse the credentials to log in.
We can then try to login with those credentials and notice that we successfully logged in
Related SAI Security Advisory
November 26, 2025
Allowlist Bypass in Run Terminal Tool Allows Arbitrary Code Execution During Autorun Mode
When in autorun mode, Cursor checks commands sent to run in the terminal to see if a command has been specifically allowed. The function that checks the command has a bypass to its logic allowing an attacker to craft a command that will execute non-allowed commands.
October 17, 2025
Path Traversal in File Tools Allowing Arbitrary Filesystem Access
A path traversal vulnerability exists within Windsurf’s codebase_search and write_to_file tools. These tools do not properly validate input paths, enabling access to files outside the intended project directory, which can provide attackers a way to read from and write to arbitrary locations on the target user’s filesystem.