AstrBotDevs AstrBot
- <= 4.24.2
A vulnerability allowing authorization bypass through Insecure Direct Object Reference (IDOR) via delimiter injection has been identified in AstrBot version 4.24.2. The issue lies in the session handling of the WebChat feature, specifically within the 'astr_main_agent' file. An authenticated user can manipulate the 'session_id' argument by injecting a delimiter, which tricks the server into associating the requested action with a different user's session. The vulnerability is exploitable remotely, and a public exploit is available.
Exploitation of this vulnerability allows authenticated users to arbitrarily rename the display titles of other users' sessions, leading to unauthorized data modification. This disruption can cause confusion among users, interfere with audit processes, and break automation workflows that depend on session metadata.
To reproduce this vulnerability, log into the AstrBot Dashboard to obtain an authentication token and identify a target user's 'session_id'. Then send a WebSocket message to the '/api/unified_chat/ws' endpoint using a crafted 'session_id' that contains an injected delimiter. The server processes this 'session_id' incorrectly, allowing the attacker to rename the target user's session title.
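The following added illustration (not AstrBot's code) shows the class of bug the advisory describes, a composite session key that is re-parsed after a client-controlled 'session_id' is embedded in it, next to a hardened rename handler that allowlists the identifier and checks stored ownership. The delimiter '!', the 'webchat!<user>!<conversation>' key layout, and the user and conversation names are assumptions constructed for the example.

```python
import re

# Assumed delimiter and key layout for illustration only; the advisory does not
# disclose AstrBot's actual session key format.
DELIM = "!"
# Allowlist for a bare conversation id: it can never contain the delimiter.
SESSION_ID_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def make_store():
    """Constructed sample store: composite key -> owner and display title."""
    return {
        "webchat!alice!conv-1": {"owner": "alice", "title": "Alice notes"},
        "webchat!bob!conv-7": {"owner": "bob", "title": "Bob research"},
    }


def rename_naive(store, auth_user, session_id, new_title):
    """Vulnerable pattern: the client string is embedded in a composite key,
    and the key is then re-parsed, trusting the parsed owner and conversation."""
    key = DELIM.join(["webchat", auth_user, session_id])
    # Splitting from the right lets an injected delimiter shift the fields:
    # "webchat!alice!x!bob!conv-7" parses as owner "bob", conversation "conv-7",
    # so alice's request is applied to bob's session (the IDOR described above).
    _, owner, conv = key.rsplit(DELIM, 2)
    target = DELIM.join(["webchat", owner, conv])
    if target not in store:
        return False
    store[target]["title"] = new_title
    return True


def rename_secure(store, auth_user, session_id, new_title):
    """Hardened: reject any session_id outside the allowlist, never re-parse
    the composite key, and compare the stored owner with the authenticated user."""
    if not SESSION_ID_RE.fullmatch(session_id):
        return False
    key = DELIM.join(["webchat", auth_user, session_id])
    record = store.get(key)
    if record is None or record["owner"] != auth_user:
        return False
    record["title"] = new_title
    return True
```

The ownership comparison is deliberately kept even though the allowlist already blocks the delimiter: the two checks fail independently, so a future change to the key format does not silently reopen the bypass.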