BishopFox sliver
cpe:2.3:a:bishopfox:sliver:*:*:*:*:*:*:*
- <= v1.7.3
A vulnerability in the Sliver command and control framework, prior to version 1.7.4, allows an unauthenticated attacker to gain immediate and silent control over all active command and control sessions or beacons. Exploitation can be carried out through the operator's own browser and can exfiltrate sensitive data such as SSH keys and the ntds.dit file, or cause destruction to the compromised infrastructure. The issue arises from an insecure integration with the mcp-go library, which introduces permissive Cross-Origin Resource Sharing (CORS) headers and leaves a critical interface without authentication.
Exploitation leads to complete operational compromise, allowing unauthorized access to active sessions and beacons, covert exfiltration of target data, and arbitrary deletion or modification of files on compromised systems. If the Sliver MCP interface is misconfigured to bind to all interfaces, the vulnerability allows direct, unauthenticated remote access from any actor on the network.
To reproduce this vulnerability, first ensure that the Sliver client is running with the MCP interface enabled, which is the default setting. Then, open a web browser and navigate to a page that contains the Proof of Concept JavaScript. Once the page is loaded, it automatically executes the embedded script, which takes advantage of the permissive CORS headers to access the Sliver MCP interface on localhost. The script can then list active command and control sessions and issue filesystem commands against deployed beacons, all without any authentication.
Users can update to Sliver version 1.7.4 or later, where this vulnerability has been patched.
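The two weaknesses named above (permissive CORS headers and no authentication on a local HTTP interface) shown beside a hardened wrapper, as an added Go example; it is not Sliver's or mcp-go's code and not the 1.7.4 patch. The names `inner`, `permissive`, `hardened` and `probe`, the token and the origin value are all constructed for illustration.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// inner stands in for the sensitive local interface (constructed handler).
var inner = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	fmt.Fprint(w, "session list")
})

// permissive is the weak pattern: every origin may read the reply, no credential.
func permissive(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Access-Control-Allow-Origin", "*")
		next.ServeHTTP(w, r)
	})
}

// hardened: no CORS headers, refuse any Origin (assumes a non-browser client), require a token.
func hardened(token string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Header.Get("Origin") != "" {
			http.Error(w, "cross-origin request refused", http.StatusForbidden)
			return
		}
		if subtle.ConstantTimeCompare([]byte(r.Header.Get("Authorization")), []byte("Bearer "+token)) != 1 {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// probe sends one POST and returns the status and Access-Control-Allow-Origin value.
func probe(h http.Handler, origin, auth string) (int, string) {
	req := httptest.NewRequest(http.MethodPost, "/", nil)
	req.Header.Set("Origin", origin)
	req.Header.Set("Authorization", auth)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code, rec.Header().Get("Access-Control-Allow-Origin")
}
func main() {
	fmt.Println(probe(hardened("constructed-token", inner), "https://page.example", ""))
}
```

Binding such a listener to the loopback address only addresses the network-exposure case described above; the Origin and token checks are what stop a web page in the operator's browser from reaching it.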