Monetr Denial-of-Service Vulnerability via Unbounded Stripe Webhook Request Handling
Vulnerability
A denial-of-service vulnerability has been identified in Monetr, a budgeting application for recurring expenses, in versions through 1.12.3. The issue arises in the public Stripe webhook endpoint, which reads the entire request body into memory before validating the Stripe signature. This flaw allows remote, unauthenticated attackers to send oversized POST payloads, causing uncontrolled memory growth and leading to service unavailability. The vulnerability affects deployments with Stripe webhooks enabled, particularly in the hosted/SaaS configuration. Self-hosted instances are unlikely to be impacted, as the webhook route is disabled by default.
Impact
Exploitation of this vulnerability causes uncontrolled resource consumption, with memory usage rising significantly as the application processes the oversized webhook payloads. This can lead to the Monetr server becoming unresponsive or crashing, disrupting service for all users of the affected instance.
Reproduction
The vulnerability can be reproduced by sending a large POST request to the '/api/stripe/webhook' endpoint with an invalid Stripe signature. The request body should be filled with enough data to exhaust the server's memory resources. This can be done using a script that generates a payload of approximately 256 megabytes, which is then sent to the webhook endpoint at a controlled rate to avoid network throttling.
Remediation
Users can upgrade to Monetr version 1.12.4, which includes a fix for this vulnerability by limiting the request body size in the middleware before it reaches the Stripe webhook handler.
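As an added illustration of the remediation described above (example code, not Monetr's own), a Go middleware caps the request body with http.MaxBytesReader before a handler that, like the vulnerable pattern, reads the whole body ahead of signature verification. The 64 KiB limit, the handler, and the placeholder Stripe-Signature check are assumptions, not Monetr's actual implementation.

```go
package main

import (
	"errors"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// maxWebhookBody is an assumed cap; real Stripe event payloads are far smaller.
const maxWebhookBody = 64 * 1024

// limitBody wraps the request body with http.MaxBytesReader so that any read
// past the cap fails with *http.MaxBytesError instead of buffering more data.
func limitBody(limit int64, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		r.Body = http.MaxBytesReader(w, r.Body, limit)
		next.ServeHTTP(w, r)
	})
}

// webhookHandler mirrors the problematic pattern: the whole body is read
// before the signature check. With limitBody in front, memory is bounded.
func webhookHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(r.Body)
	var tooBig *http.MaxBytesError
	if errors.As(err, &tooBig) {
		http.Error(w, "payload too large", http.StatusRequestEntityTooLarge)
		return
	}
	if err != nil || len(body) == 0 {
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	// Placeholder for Stripe signature verification (assumption, not Monetr's code).
	if r.Header.Get("Stripe-Signature") == "" {
		http.Error(w, "missing signature", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// postWebhook sends a constructed body of bodySize bytes through the limited
// handler in-process (httptest) and returns the resulting HTTP status code.
func postWebhook(bodySize int) int {
	h := limitBody(maxWebhookBody, http.HandlerFunc(webhookHandler))
	req := httptest.NewRequest(http.MethodPost, "/api/stripe/webhook",
		strings.NewReader(strings.Repeat("A", bodySize)))
	req.Header.Set("Stripe-Signature", "t=0,v1=placeholder") // constructed value
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	println(postWebhook(1024), postWebhook(maxWebhookBody+1)) // 200 413
}
```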