CVE-2026-14714
Received Received - Intake

Missing Authentication in Zhayujie ChatGPT-on-WeChat

Vulnerability report for CVE-2026-14714, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-05

Last updated on: 2026-07-05

Assigner: VulDB

Description

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.1.0. This issue affects the function verify_server of the file channel/wechatmp/common.py of the component wx Endpoint. This manipulation of the argument wechatmp_token causes missing authentication. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 2.1.1 is capable of addressing this issue. Patch name: 3d7c68bac6ee74fad63f43cf99e45c62e202ed55. It is suggested to upgrade the affected component. The project confirms: "We've added an explicit non-empty check for wechatmp_token in verify_server() so that the /wx endpoint now fails closed with 403 Forbidden whenever the token is missing or left at the default empty value, instead of relying on a signature check that silently degenerates to a predictable hash."

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-05
Last Modified
2026-07-05
Generated
2026-07-05
AI Q&A
2026-07-05
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
zhayujie chatgpt-on-wechat to 2.1.0 (inc)
zhayujie chatgpt-on-wechat 2.1.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the CowAgent project, specifically in the verify_server function of the wechatmp channel's common.py file. It occurs because the wechatmp_token argument can be left empty or unset, which causes the authentication mechanism to fail. When the token is empty, the signature verification becomes predictable and can be bypassed by attackers. This allows unauthenticated remote attackers to forge webhook messages and inject arbitrary content into the chat processing pipeline.

The vulnerability is triggered remotely via the /wx webhook endpoint, which is exposed and accessible if the service port is open. Attackers can exploit this by sending forged XML messages that appear to come from the legitimate WeChat platform.

The issue was fixed by adding an explicit check to reject requests when the wechatmp_token is empty, causing the server to respond with a 403 Forbidden error instead of performing a weak signature check.

Impact Analysis

Exploitation of this vulnerability allows attackers to bypass authentication and send forged webhook messages to the application. This can lead to unauthorized message injection, manipulation of chat workflows, poisoning of the application's context, and triggering unintended downstream integrations.

Such unauthorized access can disrupt normal operations, cause misinformation, or abuse the application's functionality, potentially leading to data integrity issues or service disruptions.

Detection Guidance

This vulnerability can be detected by checking if the CowAgent service is running a vulnerable version (2.1.0 or earlier) and if the wechatmp_token configuration is empty or unset. The vulnerable endpoint is exposed on 0.0.0.0 at the configured wechatmp_port, typically accessible via the /wx webhook endpoint.

To detect exploitation attempts or the presence of the vulnerability, you can monitor HTTP requests to the /wx endpoint that return HTTP 200 responses despite missing or empty wechatmp_token values, which indicates missing authentication.

Suggested commands to check the service and configuration might include:

  • Check the running CowAgent version: `cow --version` or check the installed package version.
  • Inspect the configuration file or environment variables for the wechatmp_token value to ensure it is not empty or missing.
  • Use network monitoring tools like `curl` or `wget` to send requests to the /wx endpoint and observe responses, for example: `curl -i http://localhost:<wechatmp_port>/wx`.
  • Use packet capture tools like `tcpdump` or `Wireshark` to monitor traffic on the wechatmp_port for suspicious or unauthorized requests.
Mitigation Strategies

The immediate and recommended mitigation step is to upgrade the CowAgent component to version 2.1.1 or later, where the vulnerability has been fixed by enforcing a non-empty check on the wechatmp_token.

If upgrading immediately is not possible, ensure that the wechatmp_token configuration is set to a strong, non-empty secret value to prevent authentication bypass.

Additionally, restrict network access to the /wx endpoint by firewall rules or network segmentation to limit exposure to untrusted networks.

Monitor logs and network traffic for suspicious activity targeting the /wx endpoint and respond accordingly.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-14714. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart