Impact
FastGPT contains a flaw in the reTrainingCollection endpoint that allows an authenticated tenant user to override a server‑owned datasetId with a value from another tenant. The vulnerable code persists this mixed datasetId, causing downstream dataset, collection, and training services to base authorization on inconsistent ownership anchors. As a result, a malicious user can read, update, or delete data belonging to other tenants when object IDs are known. This weakness is classified as CWE‑915, a server‑side data fencing bypass.
Affected Systems
The vulnerability affects the FastGPT platform developed by labring. Versions from 4.14.17 up to, but not including, 4.15.0‑beta4 are impacted. The issue was addressed in release 4.15.0‑beta4 and later versions remain unaffected.
Risk and Exploitability
With a CVSS score of 6.3 the severity is moderate, and the EPSS score is not available. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is the documented API endpoint, which requires authentication but offers the ability to override tenant‑specific data identifiers. Exploitation requires knowledge of target tenant IDs and access to the API but does not rely on additional conditions beyond standard authentication.
OpenCVE Enrichment