CVE-2026-40502
Status: Received - Intake
Command Injection in OpenHarness Gateway Allows Unauthorized Admin Access

Publication date: 2026-04-16

Last updated on: 2026-04-23

Assigner: VulnCheck

Description
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can execute administrative commands such as /permissions full_auto through remote chat sessions to change permission modes of a running OpenHarness instance without operator authorization.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-04-16
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: hkuds
Product: openharness
Version / Range: all versions before 2026-04-13 (exclusive)
CWE ID: CWE-862 (Missing Authorization)
Description: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-40502 is a remote administrative command-invocation vulnerability in OpenHarness versions prior to commit dd1d235. Although the title calls it command injection, the weakness tracked for it is CWE-862 (Missing Authorization): the gateway handler does not distinguish between commands meant for local, operator-only use and commands that are safe to expose to remote chat sessions, and it performs no authorization check before dispatching them. No CVSS score is listed on this page.

This flaw allows remote gateway users who have chat access to execute sensitive administrative commands, such as `/permissions full_auto`, through remote chat sessions.

As a result, attackers can change permission modes on a running OpenHarness instance without needing operator authorization.
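To make the failure concrete, here is an added example (not OpenHarness's own code, and not the vulnerable handler itself) of a minimal slash-command dispatcher for a chat gateway, first in the vulnerable shape described above, where every registered command runs regardless of where the session came from, and then in a hardened shape that allowlists what a remote session may invoke. The class and function names, the `/status` and `/help` commands, and the `Session.remote` flag are assumptions made for illustration; only `/permissions full_auto` comes from the advisory.

```python
"""Added example, not OpenHarness's own code: a minimal slash-command dispatcher
for a chat gateway, shown in the vulnerable shape (every registered command runs
no matter where the session came from) and in a hardened shape that allowlists
the commands a remote session may invoke. Names (Instance, Session, dispatch_*)
and the command table are assumptions made for illustration."""
from dataclasses import dataclass, field

# Constructed command registry. The advisory names only "/permissions
# full_auto"; "/status" and "/help" are assumed for illustration.
LOCAL_ONLY = {"permissions"}      # operator-only: changes the instance's permission mode
REMOTE_SAFE = {"help", "status"}  # harmless to expose to remote chat users


@dataclass
class Instance:
    """State of one running OpenHarness-like instance (hypothetical)."""
    permission_mode: str = "default"


@dataclass
class Session:
    """A chat session; remote=True for a gateway chat user, False for the local operator."""
    remote: bool
    denied: list = field(default_factory=list)


def parse(message):
    """'/permissions full_auto' -> ('permissions', ['full_auto']); None if not a command."""
    text = message.strip()
    if not text.startswith("/"):
        return None
    parts = text[1:].split()
    return (parts[0].lower(), parts[1:]) if parts else None


def run(cmd, args, inst):
    """Execute an already-authorized command against the instance."""
    if cmd == "permissions":
        if args:
            inst.permission_mode = args[0]
        return f"permission mode set to {inst.permission_mode}"
    if cmd == "status":
        return f"mode={inst.permission_mode}"
    if cmd == "help":
        return "commands: " + ", ".join(sorted(LOCAL_ONLY | REMOTE_SAFE))
    return "error: unknown command"


def dispatch_vulnerable(message, session, inst):
    """CWE-862 shape: the session origin is never consulted, so a remote chat
    user can run /permissions full_auto exactly like the local operator."""
    parsed = parse(message)
    if parsed is None:
        return None
    cmd, args = parsed
    return run(cmd, args, inst)


def dispatch_fixed(message, session, inst):
    """Hardened shape: remote sessions are checked against an explicit allowlist
    before anything executes, and refusals are recorded for auditing."""
    parsed = parse(message)
    if parsed is None:
        return None
    cmd, args = parsed
    if session.remote and cmd not in REMOTE_SAFE:
        session.denied.append(cmd)
        return "error: command not available in remote sessions"
    return run(cmd, args, inst)


if __name__ == "__main__":
    remote = Session(remote=True)
    print(dispatch_vulnerable("/permissions full_auto", remote, Instance()))
    print(dispatch_fixed("/permissions full_auto", remote, Instance()))
    print(dispatch_fixed("/permissions full_auto", Session(remote=False), Instance()))
```

The hardened dispatcher fails closed: a remote session may only run commands that are explicitly in `REMOTE_SAFE`, so an unknown or newly added command is refused over chat until someone deliberately marks it remote-safe, rather than being exposed by default.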


How can this vulnerability impact me?

This vulnerability can have serious security impacts because it allows unauthorized remote users to execute administrative commands on the OpenHarness system.

  • Attackers can change the permission mode of a running instance (for example to full_auto), gaining capabilities that should require the operator's explicit authorization.
  • Unauthorized changes can compromise the integrity and security of the system.
  • It can lead to loss of control over the system and unauthorized access to sensitive functions.

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for administrative commands arriving through the OpenHarness gateway handler from remote chat sessions, in particular `/permissions full_auto` or any other `/permissions` change that was not issued by the local operator.

Administrators should review chat session logs for slash commands that invoke administrative functions, which should only ever be issued locally; a `/permissions` change followed by a shift in the instance's behaviour is the signal to look for. A running instance whose permission mode has changed without an operator action is itself an indicator.

Specific detection commands or tools are not provided in the available resources, and the page gives no version number for the fix beyond commit dd1d235, so confirming exposure means checking whether the deployed build includes that commit.
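Since the page supplies no detection tooling, the following is an added example (not an OpenHarness tool) of the log review described above: it scans gateway chat logs for operator-only slash commands that arrived over remote sessions and summarises the sessions worth triaging. The one-line-per-message log format, the field names, and the sample log lines are all constructed for the example; OpenHarness's real log layout is not given on this page, so `LINE_RE` must be adapted to whatever your gateway actually writes.

```python
"""Added example, not an OpenHarness tool: scan gateway chat logs for
operator-only slash commands that arrived over remote sessions. The log
format below is hypothetical; adapt LINE_RE to your gateway's real output."""
import re
from collections import Counter

# Hypothetical one-line-per-message format (assumption, not OpenHarness's):
#   <ts> session=<id> origin=<local|remote> user=<name> msg="<text>"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) session=(?P<session>\S+) origin=(?P<origin>local|remote) '
    r'user=(?P<user>\S+) msg="(?P<msg>[^"]*)"$'
)

# Commands that only a local operator should ever issue. "/permissions" comes
# from the advisory; anything you add here is your own assumption.
LOCAL_ONLY_COMMANDS = {"permissions"}

# Constructed sample log: two remote attempts (one with odd whitespace and
# case, to exercise the normalisation), one legitimate local use, one junk line.
SAMPLE_LOG = """\
2026-04-14T10:01:58Z session=s-17 origin=remote user=alice msg="hello, can you summarise this file?"
2026-04-14T10:02:11Z session=s-17 origin=remote user=alice msg="/permissions full_auto"
2026-04-14T10:02:12Z session=s-17 origin=remote user=alice msg="/status"
2026-04-14T10:05:40Z session=s-02 origin=local user=operator msg="/permissions default"
2026-04-14T10:06:03Z session=s-21 origin=remote user=bob msg="  /PERMISSIONS full_auto"
this line is not in the expected format
"""


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def command_of(msg):
    """('permissions', ['full_auto']) for '/permissions full_auto'; None for plain chat.
    Whitespace is stripped and the name lower-cased so trivial variations are not missed."""
    text = msg.strip()
    if not text.startswith("/"):
        return None
    parts = text[1:].split()
    return (parts[0].lower(), parts[1:]) if parts else None


def find_remote_admin_commands(log_text):
    """One finding for every LOCAL_ONLY command issued from a remote session."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that do not match the expected format
        cmd = command_of(rec["msg"])
        if cmd is None or rec["origin"] != "remote":
            continue  # plain chat, or a local operator using the command legitimately
        name, args = cmd
        if name in LOCAL_ONLY_COMMANDS:
            findings.append({"ts": rec["ts"], "session": rec["session"],
                             "user": rec["user"], "command": name, "args": args})
    return findings


def sessions_to_review(findings):
    """Number of flagged commands per remote session, for triage."""
    return Counter(f["session"] for f in findings)


if __name__ == "__main__":
    hits = find_remote_admin_commands(SAMPLE_LOG)
    for f in hits:
        print(f"{f['ts']} {f['session']} {f['user']} /{f['command']} {' '.join(f['args'])}")
    print(sessions_to_review(hits))
```

Any hit is worth following up with a check of the instance's current permission mode and a review of what the session did afterwards: on an unpatched build the command was executed, not merely attempted.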


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation is to update OpenHarness to a build that includes commit dd1d235 (the fix) or any later commit; that commit addresses the missing authorization check in the gateway handler by distinguishing local-only commands from remote-safe ones.

Until the update can be applied, restrict remote chat access to the gateway to trusted users or disable it altogether, since any remote user with chat access can reach the administrative commands.

Additionally, monitor and audit chat sessions for suspicious command usage to detect potential exploitation attempts.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows unauthorized remote users to change the permission mode of a running OpenHarness instance. Such unauthorized control over a system could conflict with the security and integrity requirements of standards like GDPR and HIPAA, which expect access to administrative functions to be restricted and authorized.

Specifically, the lack of an authorization check means an attacker could alter system configuration, and potentially reach data the instance handles, without operator consent, increasing the risk of a reportable breach or of unauthorized data processing. Whether a given deployment is affected in a compliance sense depends on what data the instance processes, which this page does not describe.

