Archon Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability exists in Archon version 0.1.0. A crafted HTML page, when opened by a user who is running Archon, can issue requests to Archon's backend and execute commands and prompts on that user's behalf. The same page can also control Archon's UI features and read all information that Archon displays in its UI, including API keys.

Impact

Successful exploitation allows unauthorized execution of commands on behalf of the user, control over Archon's UI features, and disclosure of sensitive information such as API keys.

Reproduction

Archon's backend on port 8181 requires no authentication and does not restrict which web origins may call it (no CORS protection). A malicious web page opened in the browser of a user running Archon can therefore send requests to the backend on that user's own machine and read the responses. Those requests can extract sensitive environment variables, including API keys, and execute commands through Archon's Agent feature.
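The following script is an added example for checking whether a local backend has the two preconditions described above (permissive CORS and no authentication); it is not part of the original advisory or of Archon. It sends a single request carrying a made-up Origin header and no credentials, then inspects the response. The probe origin, the target URL and the reading of a 2xx as "no credential required" are assumptions of this check; the Archon endpoint paths are not known from the advisory, so the default target is the server root.

```python
"""Check whether a local HTTP backend answers unauthenticated cross-origin
requests with a permissive CORS policy.  Added example; not Archon's code."""
import urllib.error
import urllib.request

# Assumed values: an origin no deployment should trust, and the backend
# port named in the advisory.  Adjust DEFAULT_URL to a real API path.
PROBE_ORIGIN = "https://attacker.example"
DEFAULT_URL = "http://127.0.0.1:8181/"


def assess(status, headers, origin=PROBE_ORIGIN):
    """Classify one response from a request that carried `Origin: origin`
    and no credentials.  `headers` may be a dict or an http.client message.
    Returns a list of finding strings (empty means nothing suspicious)."""
    h = {k.lower(): v for k, v in headers.items()}
    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").lower() == "true"
    findings = []
    if acao == "*":
        findings.append("cors: wildcard Access-Control-Allow-Origin")
    elif acao == origin:
        findings.append("cors: arbitrary Origin reflected")
    if creds and acao in ("*", origin):
        findings.append("cors: credentials allowed for untrusted origin")
    # We sent no token, cookie or basic-auth; a 2xx means none was required.
    if 200 <= status < 300 and "www-authenticate" not in h:
        findings.append("auth: 2xx without any credential")
    return findings


def affected(findings):
    """Both conditions together let a page read data it should not see."""
    return any(f.startswith("cors:") for f in findings) and any(
        f.startswith("auth:") for f in findings
    )


def probe(url=DEFAULT_URL, origin=PROBE_ORIGIN, timeout=3.0):
    """Send the probe request to a live backend and assess the response.
    Error responses (4xx/5xx) are assessed too; network errors are reported."""
    req = urllib.request.Request(url, headers={"Origin": origin})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return assess(resp.status, resp.headers, origin)
    except urllib.error.HTTPError as e:
        return assess(e.code, e.headers, origin)
    except (urllib.error.URLError, OSError) as e:
        return [f"unreachable: {e}"]


if __name__ == "__main__":
    results = probe()
    for line in results:
        print(line)
    print("AFFECTED" if affected(results) else "not affected by this check")
```

A response with no Access-Control-Allow-Origin header at all is not flagged: the browser would then refuse to expose the response body to the malicious page, although a state-changing request with no authentication would still be executed server-side, which is why the authentication finding is reported on its own as well.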

Remediation

Users are advised not to expose Archon's backend port 8181 on the network and to bind it explicitly to localhost. Note that binding to localhost reduces exposure to other hosts but does not by itself stop the browser-based attack described above, because the malicious page runs in a browser on the same machine as the backend. Until the backend authenticates requests and restricts the origins allowed to call it, sensitive API keys should not be stored in Archon.
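The request gate below is an added example of the two controls the remediation calls for, an origin allowlist for CORS and mandatory bearer-token authentication, written as framework-independent logic so it can be dropped in front of any handler; it is not Archon's code and does not describe how Archon will implement authentication. The UI origin, the accepted Host values and the token handling are assumptions for the illustration. It also checks the Host header, which closes the DNS-rebinding variant that an origin allowlist alone leaves open.

```python
"""Illustrative request gate for a localhost API: Host check, origin
allowlist for CORS, and a mandatory bearer token.  Added example; not
Archon's code.  All configuration values are assumptions."""
import hmac
import secrets

# Assumed configuration.  Only the UI's own origin may make cross-origin
# requests; every other origin gets no CORS headers at all.
ALLOWED_ORIGINS = {"http://localhost:3737"}            # assumed UI origin
ALLOWED_HOSTS = {"localhost:8181", "127.0.0.1:8181"}  # rejects DNS rebinding
API_TOKEN = secrets.token_urlsafe(32)  # generated at startup in this example


def cors_headers(origin):
    """CORS headers for an allowed origin; empty for anything else, so the
    browser will not expose the response to an untrusted page."""
    if origin in ALLOWED_ORIGINS:
        return {
            "Access-Control-Allow-Origin": origin,
            "Vary": "Origin",
            "Access-Control-Allow-Headers": "Authorization, Content-Type",
            "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE",
        }
    return {}


def gate(method, headers, token=None):
    """Decide whether a request may reach a handler.
    Returns (status, response_headers); status 0 means 'proceed'.
    `token` overrides API_TOKEN so callers can supply a known secret."""
    h = {k.lower(): v for k, v in headers.items()}
    host = h.get("host", "")
    origin = h.get("origin")
    expected = token if token is not None else API_TOKEN

    # 1. A rebinding attack arrives with the attacker's hostname in Host.
    if host not in ALLOWED_HOSTS:
        return 421, {}

    # 2. Preflight: answer only for allowed origins.
    if method == "OPTIONS" and "access-control-request-method" in h:
        if origin in ALLOWED_ORIGINS:
            return 204, cors_headers(origin)
        return 403, {}

    # 3. Every other request needs the bearer token, whatever its origin;
    #    a same-origin or no-Origin request is not trusted on that basis.
    auth = h.get("authorization", "")
    if not hmac.compare_digest(auth.encode(), f"Bearer {expected}".encode()):
        return 401, {"WWW-Authenticate": "Bearer"}

    # 4. Authenticated: proceed, exposing the response only to allowed origins.
    return 0, cors_headers(origin)


if __name__ == "__main__":
    print("token for the UI:", API_TOKEN)
    print(gate("GET", {"Host": "127.0.0.1:8181",
                       "Origin": "https://attacker.example"}))
    print(gate("GET", {"Host": "localhost:8181",
                       "Origin": "http://localhost:3737",
                       "Authorization": f"Bearer {API_TOKEN}"}))
```

The token is what actually stops the attack: a page from an untrusted origin cannot attach it, so its requests are refused before any handler runs, regardless of whether the browser would have let the page read the response. The origin allowlist then limits which pages can read responses at all, and the Host check ensures that a hostname an attacker controls cannot be resolved to 127.0.0.1 to sidestep both.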

Added: May 14, 2026, 3:39 PM
Updated: May 14, 2026, 3:39 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.9
exploitability: 5.8
remediation: 7.9
relevance: 8.3
threat: 6.4
urgency: 2.9
incentive: 0.0

The algorithm analyzes dozens of metrics to produce these eight vulnerability categories, which are then combined into the overall risk score.