Pachno
cpe:2.3:a:pachno:pachno:*:*:*:*:*:*:*
- <= 1.0.6
An authentication bypass vulnerability has been identified in Pachno version 1.0.6, specifically within the runSwitchUser() action. This vulnerability allows authenticated low-privilege users to manipulate the original_username cookie and escalate privileges by switching to user ID 1. Exploiting this flaw enables access to session tokens or password hashes of administrator accounts.
Exploitation of this vulnerability allows for remote vertical privilege escalation, enabling low-privilege users to gain administrative rights and access sensitive information such as session tokens or password hashes of admin accounts.
To reproduce this vulnerability, an authenticated low-privilege user must set the original_username cookie to any desired value. Once the cookie is set, the user can request a switch to user ID 1 through the runSwitchUser() action. This will result in the user receiving a session token or password hash belonging to an administrator.
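The root cause and its fix, modelled as an added example (this is not Pachno's own code). It assumes the flawed check keys on the mere presence of the original_username cookie, consistent with "any desired value" above; the Session and Request types, role label and function names are hypothetical.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

ADMIN = "admin"  # hypothetical role label


@dataclass
class Session:
    """Server-side session record; the client cannot write to it."""
    user_id: int
    role: str
    # Set by the server only when an administrator starts impersonating someone.
    impersonator_id: Optional[int] = None


@dataclass
class Request:
    session: Session
    target_user_id: int
    cookies: Dict[str, str] = field(default_factory=dict)  # client-controlled


def may_switch_flawed(req: Request) -> bool:
    """Flawed pattern: the mere presence of a client-set cookie is taken as
    proof that the caller is an administrator who switched earlier."""
    return req.session.role == ADMIN or "original_username" in req.cookies


def may_switch_hardened(req: Request, audit: List[str]) -> bool:
    """Decide from server-side state only and log forged-cookie attempts."""
    s = req.session
    if s.role == ADMIN:
        return True
    # An impersonated session may only switch back to the account that started it.
    if s.impersonator_id is not None and req.target_user_id == s.impersonator_id:
        return True
    if "original_username" in req.cookies and s.impersonator_id is None:
        audit.append(f"forged original_username cookie: user={s.user_id} "
                     f"target={req.target_user_id}")
    return False


# Constructed sample requests.
LOW_PRIV_FORGED = Request(Session(user_id=42, role="user"), target_user_id=1,
                          cookies={"original_username": "anything"})
ADMIN_SWITCH = Request(Session(user_id=1, role=ADMIN), target_user_id=42)
SWITCH_BACK = Request(Session(user_id=42, role="user", impersonator_id=1),
                      target_user_id=1, cookies={"original_username": "admin"})
```

The audit entry doubles as a detection signal: an original_username cookie arriving on a session with no server-side impersonation record has no legitimate origin.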