LibreChat JWT Authentication Bypass Vulnerability in RAG API

Vulnerability

A vulnerability exists in LibreChat version 0.8.1-rc2, where a logged-in user can reuse the JSON Web Token (JWT) issued for their LibreChat session to bypass authentication on the RAG API. This issue arises because the LibreChat API and the RAG API share the same JWT secret for user session management, so a session token signed for one service is accepted as valid by the other, allowing unauthorized access to RAG API endpoints.

Impact

Exploitation of this vulnerability allows authenticated users to access, modify, or delete documents via the RAG API, which is typically restricted to internal use only.

Reproduction

To reproduce this vulnerability, log into LibreChat 0.8.1-rc2. After logging in, a JWT is issued that can be used directly to authenticate against the RAG API. This token bypasses the intended authentication because the RAG API does not validate the token's audience or apply any additional access controls beyond checking the shared signature.

Remediation

It is recommended to use a separate JWT secret for RAG API authentication and to add an audience (aud) claim to the JWT tokens, validating it in both LibreChat and the RAG API so that a token minted for one service is rejected by the other. Additionally, separate environment files for each service in the Docker Compose setup can help keep each secret scoped to the service that needs it.
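The following is an added example, written for this page and not taken from LibreChat or its RAG API, that shows why the shared secret alone makes the session token transferable and how the two recommended fixes close the gap. It implements a minimal HS256 JWT with the Python standard library only; the function names (mint_token, verify_token, rag_api_accepts), the audience values "librechat" and "rag-api", and the secret strings are all assumptions constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional


def _b64url(data: bytes) -> str:
    # JWT uses unpadded base64url for all three segments.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(secret: str, claims: dict) -> str:
    """Sign claims as a compact HS256 JWT: header.payload.signature."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims)
    )
    sig = hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_token(token: str, secret: str, expected_aud: Optional[str]) -> dict:
    """Check signature and expiry; when expected_aud is given, also require that
    the token is addressed to this service. Raises ValueError on any failure."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected_sig = hmac.new(
        secret.encode(), f"{header_b64}.{payload_b64}".encode(), hashlib.sha256
    ).digest()
    if not hmac.compare_digest(expected_sig, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("exp", 0) <= time.time():
        raise ValueError("expired")
    if expected_aud is not None:
        aud = claims.get("aud")
        audiences = aud if isinstance(aud, list) else [aud]
        if expected_aud not in audiences:
            raise ValueError(f"audience mismatch: {aud!r}")
    return claims


def rag_api_accepts(token: str, rag_secret: str, check_audience: bool) -> bool:
    """Model of the RAG API's auth check; the weak version only checks the signature."""
    try:
        verify_token(token, rag_secret, "rag-api" if check_audience else None)
        return True
    except ValueError:
        return False


def demo() -> dict:
    """Compare the vulnerable deployment with the two remediations. Secrets are constructed."""
    shared_secret = "one-secret-for-both-services"   # constructed, as in the vulnerable setup
    rag_only_secret = "rag-api-only-secret"           # constructed, separate secret for RAG API
    exp = int(time.time()) + 3600

    # The session token LibreChat hands to a logged-in browser.
    session = mint_token(shared_secret, {"sub": "user-123", "aud": "librechat", "exp": exp})

    # Backend-to-backend token LibreChat would mint for the RAG API after the fix.
    service = mint_token(rag_only_secret, {"sub": "user-123", "aud": "rag-api", "exp": exp})

    return {
        # Shared secret, no audience check: the user's session token passes as-is.
        "vulnerable": rag_api_accepts(session, shared_secret, check_audience=False),
        # Fix 1: same secret but audience enforced; the session token is for "librechat".
        "aud_check_blocks_session": not rag_api_accepts(session, shared_secret, True),
        # Fix 2: separate secret; the session token's signature no longer verifies.
        "separate_secret_blocks_session": not rag_api_accepts(session, rag_only_secret, True),
        # Legitimate path after both fixes: a token minted for the RAG API is accepted.
        "service_token_accepted": rag_api_accepts(service, rag_only_secret, True),
    }


if __name__ == "__main__":
    print(demo())
```

Either fix on its own stops the session token from being replayed against the RAG API; applying both means a leaked LibreChat secret does not also expose the document store, and a token that somehow carries the wrong audience is still refused.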

Added: Mar 18, 2026, 12:24 PM
Updated: Mar 18, 2026, 12:24 PM

Vulnerability Rating (Custom Algorithm)

spread          1.4
impact          1.7
exploitability  4.8
remediation     0.0
relevance       4.1
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.