LibreChat Improper Access Control Vulnerability in Agent Permission Queries

Vulnerability

A vulnerability exists in LibreChat version 0.8.1-rc2: the application fails to enforce proper access control when querying agent permissions. An authenticated attacker who knows an agent's ID can read that agent's permissions regardless of their own permission level. The exposed permissions include other users' access rights, such as ownership or editing privileges, and can reveal information about private agents that have not been shared with other users. The issue is compounded because agent IDs can be brute-forced, since MongoDB ObjectIds have a predictable structure. The vulnerability has been patched in version 0.8.2-rc2.

Impact

Exploitation of this vulnerability allows for unauthorized access to agent permission details, including user-specific permissions and private agent statuses.

Reproduction

To reproduce this vulnerability, an authenticated user sends a GET request to the '/api/permissions/agent/{agent_id}' endpoint with a valid authorization token. The response contains permission details for the specified agent, including other users' access rights, which should not be accessible without proper authorization on that agent.

Remediation

Users are advised to update LibreChat to version 0.8.2-rc2 or later, where this vulnerability has been fixed.

Added: Jan 7, 2026, 9:26 PM
Updated: Jan 7, 2026, 9:26 PM

Vulnerability Rating

Custom Algorithm
spread          1.4
impact          2.5
exploitability  6.2
remediation     7.7
relevance       1.8
threat          6.4
urgency         2.9
incentive       0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.