CVE-2026-40502
Received Received - Intake
Command Injection in OpenHarness Gateway Allows Unauthorized Admin Access

Publication date: 2026-04-16

Last updated on: 2026-04-23

Assigner: VulnCheck

Description
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can execute administrative commands such as /permissions full_auto through remote chat sessions to change permission modes of a running OpenHarness instance without operator authorization.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-16
Last Modified
2026-04-23
Generated
2026-06-16
AI Q&A
2026-04-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-40502
EUVD
EUVD-2026-23141
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hkuds openharness to 2026-04-13 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-40502 is a high-severity remote administrative command injection vulnerability in OpenHarness versions prior to commit dd1d235. It occurs because the gateway handler does not properly distinguish between commands meant for local use only and those safe for remote execution.

This flaw allows remote gateway users who have chat access to execute sensitive administrative commands, such as `/permissions full_auto`, through remote chat sessions.

As a result, attackers can change permission modes on a running OpenHarness instance without needing operator authorization.

Compliance Impact

The vulnerability allows unauthorized remote execution of administrative commands, which can lead to unauthorized changes in permission modes on a running OpenHarness instance. Such unauthorized access and control could result in violations of security and privacy requirements mandated by standards like GDPR and HIPAA, as it compromises the integrity and confidentiality of the system.

Specifically, the lack of proper authorization checks means that attackers could potentially access or manipulate sensitive data or system configurations without operator consent, increasing the risk of data breaches or unauthorized data processing.

Impact Analysis

This vulnerability can have serious security impacts because it allows unauthorized remote users to execute administrative commands on the OpenHarness system.

  • Attackers can change permission modes on a running instance, potentially escalating their privileges.
  • Unauthorized changes can compromise the integrity and security of the system.
  • It can lead to loss of control over the system and unauthorized access to sensitive functions.
Detection Guidance

This vulnerability can be detected by monitoring for unauthorized execution of administrative commands through the OpenHarness gateway handler, especially commands like `/permissions full_auto` issued via remote chat sessions.

Network or system administrators should look for unusual chat commands that invoke administrative functions remotely, which normally should be restricted to local use only.

Specific detection commands or tools are not provided in the available resources.

Mitigation Strategies

Immediate mitigation involves updating OpenHarness to a version that includes the fix from commit dd1d235 or later, which addresses the insufficient authorization checks in the gateway handler.

Until the update can be applied, restrict or disable remote chat access to the gateway handler to prevent unauthorized execution of administrative commands.

Additionally, monitor and audit chat sessions for suspicious command usage to detect potential exploitation attempts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-40502. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart