CVE-2025-7104
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-16
Assigner: huntr.dev
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| librechat | librechat | to 0.7.9 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-915 | The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a mass assignment flaw in danny-avila/librechat that allows attackers to manipulate sensitive internal fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. Attackers can include extra fields in the request body that get assigned to agentData and passed to the database, enabling them to overwrite critical fields such as author, access_level, isCollaborative, and projectIds. Additionally, the use of Object.assign with spread operators can lead to Object.Prototype pollution.
How can this vulnerability impact me? :
This vulnerability can allow attackers to escalate privileges or alter important data by overwriting sensitive fields in the database schema, such as changing the author of an agent, modifying access levels, or altering project associations. This can lead to unauthorized access, data tampering, and potentially compromise the integrity and security of the application and its data.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this mass assignment vulnerability involves monitoring for unexpected or unauthorized modifications to sensitive fields such as author, access_level, isCollaborative, and projectIds in the agent data. Since the vulnerability arises from improper validation of request bodies, inspecting HTTP requests to the agent creation and update endpoints for extra or unexpected fields can help identify exploitation attempts. Specific commands are not provided in the resources, but general approaches include capturing and analyzing HTTP traffic (e.g., using tools like tcpdump or Wireshark) to look for suspicious payloads, or reviewing application logs for validation errors or unusual updates. Additionally, checking logs for HTTP 400 responses related to validation failures may indicate attempts to exploit the vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying strict validation and sanitization of incoming request data for agent creation and update operations. This involves integrating validation schemas (such as agentCreateSchema and agentUpdateSchema) to rigorously check and filter request bodies, removing null or undefined values, and enforcing authorization checks to ensure only permitted users can modify agent data. Updating the application code to include these validation and permission checks, as demonstrated in the referenced commit, will prevent unauthorized mass assignment. Additionally, monitoring and logging validation errors and access attempts can help detect and respond to exploitation attempts. [1]