Vulnerability Description
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can execute administrative commands such as /permissions full_auto through remote chat sessions to change permission modes of a running OpenHarness instance without operator authorization.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hkuds | Openharness | < 2026-04-13 |
Related Weaknesses (CWE)
References
- https://github.com/HKUDS/OpenHarness/commit/dd1d235450dd987b20bff01b7bfb02fe8620Patch
- https://github.com/HKUDS/OpenHarness/pull/127ExploitIssue Tracking
- https://www.vulncheck.com/advisories/openharness-remote-administrative-command-iThird Party Advisory
FAQ
What is CVE-2026-40502?
CVE-2026-40502 is a vulnerability with a CVSS score of 8.8 (HIGH). OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient ...
How severe is CVE-2026-40502?
CVE-2026-40502 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-40502?
Check the references section above for vendor advisories and patch information. Affected products include: Hkuds Openharness.