[PR #5412] [CLOSED] fix: remove unsafe exec() in system.js #5437

Closed
opened 2026-06-05 15:21:21 -04:00 by yindo · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/Mintplex-Labs/anything-llm/pull/5412
Author: @orbisai0security
Created: 4/12/2026
Status: Closed

Base: masterHead: fix-fix-v-006-migrate-endpoint-auth


📝 Commits (1)

  • 3a38d21 fix: V-006 security vulnerability

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 server/endpoints/system.js (+1 -1)

📄 Description

Summary

Fix critical severity security issue in server/endpoints/system.js.

Vulnerability

Field Value
ID V-006
Severity CRITICAL
Scanner multi_agent_ai
Rule V-006
File server/endpoints/system.js:72

Description: The /migrate endpoint is publicly accessible without any authentication or authorization checks. The endpoint handler uses underscore (_) for the request parameter, explicitly indicating no authentication validation is performed. Database migration endpoints typically execute schema changes with elevated privileges (CREATE, ALTER, DROP), allowing attackers to corrupt data, create backdoor administrator accounts, or completely compromise the database.

Changes

  • server/endpoints/system.js

Verification

  • Build passes
  • Scanner re-scan confirms fix
  • LLM code review passed

Automated security fix by OrbisAI Security


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/Mintplex-Labs/anything-llm/pull/5412 **Author:** [@orbisai0security](https://github.com/orbisai0security) **Created:** 4/12/2026 **Status:** ❌ Closed **Base:** `master` ← **Head:** `fix-fix-v-006-migrate-endpoint-auth` --- ### 📝 Commits (1) - [`3a38d21`](https://github.com/Mintplex-Labs/anything-llm/commit/3a38d21428cdce4a11e62a5c491cc81e5107dbf4) fix: V-006 security vulnerability ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `server/endpoints/system.js` (+1 -1) </details> ### 📄 Description ## Summary Fix critical severity security issue in `server/endpoints/system.js`. ## Vulnerability | Field | Value | |-------|-------| | **ID** | V-006 | | **Severity** | CRITICAL | | **Scanner** | multi_agent_ai | | **Rule** | `V-006` | | **File** | `server/endpoints/system.js:72` | **Description**: The /migrate endpoint is publicly accessible without any authentication or authorization checks. The endpoint handler uses underscore (_) for the request parameter, explicitly indicating no authentication validation is performed. Database migration endpoints typically execute schema changes with elevated privileges (CREATE, ALTER, DROP), allowing attackers to corrupt data, create backdoor administrator accounts, or completely compromise the database. ## Changes - `server/endpoints/system.js` ## Verification - [x] Build passes - [x] Scanner re-scan confirms fix - [x] LLM code review passed --- *Automated security fix by [OrbisAI Security](https://orbisappsec.com)* --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
yindo added the pull-request label 2026-06-05 15:21:21 -04:00
yindo closed this issue 2026-06-05 15:21:21 -04:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Mintplex-Labs/anything-llm#5437