GoAway Authentication Bypass Vulnerability via Hardcoded Credentials
Vulnerability
GoAway versions prior to 0.62.19 sign the JSON Web Tokens (JWTs) that carry admin-dashboard sessions with a secret that is hardcoded in the source and therefore visible to anyone who reads the project's public GitHub repository. Because the signing key is a static, publicly known value rather than a per-deployment secret, anyone can mint a token carrying the admin user's claims and a signature that the application accepts as valid. The application trusts that signature and treats the request as an authenticated admin session, so no password guessing, prior access, or interaction with a legitimate user is required.
Impact
An unauthenticated attacker who can reach the web interface can forge an admin session token and use it to access the admin dashboard with the admin user's privileges. Since every installation of an affected version shares the same secret, a single forged token works against any of them.
Reproduction
Build and run an affected version of the application. Take the hardcoded secret from the source and use it to sign a JWT whose claims identify the admin user (the same claims the application itself places in tokens it issues on login). Send that token to the application in the session cookie: the signature verifies under the static secret and the admin dashboard is served without any login having taken place. A quick way to confirm the root cause is that the same forged token is accepted by a fresh, separately built instance, which would be impossible if the secret were generated per deployment.
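The following Go program is an added illustration of the flaw class and its fix; it is not GoAway's code, and the secret, cookie name and claim layout in it are placeholders chosen for the example, not the project's real values. It implements HS256 JWT signing and verification with the standard library, models a dashboard handler that trusts any token whose signature verifies, forges an admin token from the "known" static secret, and shows the same forged token being rejected once the server derives its secret at startup instead of from source.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
	"time"
)

// hardcodedSecret stands in for a signing key committed to a public repository.
// Placeholder value for this example, not GoAway's secret: the point is that
// anyone who can read the source knows it.
const hardcodedSecret = "example-static-jwt-secret-from-source"

// cookieName is an assumed session cookie name (not taken from GoAway).
const cookieName = "auth_token"

func b64(data []byte) string { return base64.RawURLEncoding.EncodeToString(data) }

// signJWT builds a standard HS256 JWT: b64(header).b64(payload).b64(HMAC-SHA256).
func signJWT(claims map[string]any, secret []byte) (string, error) {
	payload, err := json.Marshal(claims)
	if err != nil {
		return "", err
	}
	signingInput := b64([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64(payload)
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(signingInput))
	return signingInput + "." + b64(mac.Sum(nil)), nil
}

// verifyJWT checks the alg, the HMAC signature (constant-time) and expiry,
// returning the claims only if all three pass.
func verifyJWT(token string, secret []byte) (map[string]any, bool) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, false
	}
	var hdr struct {
		Alg string `json:"alg"`
	}
	hb, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil || json.Unmarshal(hb, &hdr) != nil || hdr.Alg != "HS256" {
		return nil, false // reject "none" and any non-HMAC algorithm
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil || !hmac.Equal(sig, mac.Sum(nil)) {
		return nil, false
	}
	pb, err := base64.RawURLEncoding.DecodeString(parts[1])
	var claims map[string]any
	if err != nil || json.Unmarshal(pb, &claims) != nil {
		return nil, false
	}
	if exp, ok := claims["exp"].(float64); !ok || time.Now().Unix() >= int64(exp) {
		return nil, false
	}
	return claims, true
}

// adminHandler models the dashboard: the cookie's JWT is trusted as long as its
// signature verifies under the server's signing secret.
func adminHandler(secret []byte) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		c, err := r.Cookie(cookieName)
		if err != nil {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		claims, ok := verifyJWT(c.Value, secret)
		if !ok || claims["sub"] != "admin" {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		fmt.Fprint(w, "admin dashboard")
	}
}

// forgeAdminToken is the attacker's step: with the secret read from source,
// mint an admin token without ever logging in.
func forgeAdminToken(secret []byte) string {
	tok, _ := signJWT(map[string]any{"sub": "admin", "exp": time.Now().Add(time.Hour).Unix()}, secret)
	return tok
}

// requestDashboard sends a token as the session cookie and returns the HTTP status.
func requestDashboard(handler http.Handler, token string) int {
	req := httptest.NewRequest(http.MethodGet, "/admin", nil)
	req.AddCookie(&http.Cookie{Name: cookieName, Value: token})
	rec := httptest.NewRecorder()
	handler.ServeHTTP(rec, req)
	return rec.Code
}

// randomSecret is the fix pattern: a per-deployment secret generated at startup
// (or loaded from local config), so the repository reveals nothing useful.
func randomSecret() []byte {
	s := make([]byte, 32)
	if _, err := rand.Read(s); err != nil {
		panic(err)
	}
	return s
}

func main() {
	forged := forgeAdminToken([]byte(hardcodedSecret))
	fmt.Println("static secret:", requestDashboard(adminHandler([]byte(hardcodedSecret)), forged))
	fmt.Println("random secret:", requestDashboard(adminHandler(randomSecret()), forged))
}
```

Run as-is it prints 200 for the server that uses the static secret and 401 for the one with a freshly generated secret. The verification logic is deliberately complete (algorithm pinned to HS256, constant-time comparison, expiry enforced) to make the point that the bug is not in the JWT checks themselves: a perfectly implemented verifier is still bypassed when the key it verifies against is public.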
Remediation
Update to GoAway version 0.62.19 or later, where this vulnerability has been fixed. Because the old secret remains public, any token signed with it should be considered forgeable; after upgrading, existing admin sessions on affected deployments should be re-established rather than carried over.
