CVE-2026-42302
Unauthenticated Remote Code Execution in FastGPT Agent-Sandbox
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fastgpt | agent_sandbox | From 4.14.10 (inc) to 4.14.13 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the agent-sandbox component of FastGPT versions from 4.14.10 up to but not including 4.14.13. The startup script entrypoint.sh starts code-server with the --auth none flag and binds it to all network interfaces on port 8080. This means that anyone with network access to this port can bypass authentication and execute arbitrary code remotely within the sandbox environment.
How can this vulnerability impact me? :
This vulnerability allows unauthenticated remote attackers to gain full control over the sandbox environment by executing arbitrary code. This can lead to complete compromise of the affected system, including unauthorized access, data theft, data manipulation, or disruption of services.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability exists because the agent-sandbox component of FastGPT runs code-server with the --auth none flag and binds to all network interfaces on port 8080, allowing unauthenticated access.
To detect this vulnerability on your network or system, you can check if the service is listening on port 8080 without authentication.
- Use a network scanning tool like nmap to check if port 8080 is open and accessible: nmap -p 8080 <target-ip>
- Attempt to access the service via a web browser or curl to see if authentication is required: curl http://<target-ip>:8080
- On the host, check the startup script entrypoint.sh or running processes for code-server launched with the --auth none flag.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been patched in FastGPT version 4.14.13.
Immediate mitigation steps include:
- Upgrade FastGPT to version 4.14.13 or later where the issue is fixed.
- If upgrading is not immediately possible, restrict network access to port 8080 to trusted users only, for example by firewall rules or network segmentation.
- Modify the startup script to remove the --auth none flag or configure authentication for code-server.
- Monitor network traffic and logs for any suspicious activity targeting port 8080.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthenticated remote code execution, enabling any user with network access to gain full control over the sandbox environment. This could lead to unauthorized access, data breaches, and potential manipulation or exfiltration of sensitive data.
Such unauthorized access and potential data compromise can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls over data confidentiality, integrity, and access.
However, the provided information does not explicitly state the impact on compliance or mention specific regulatory consequences.