Description
Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints a valid internal session token for the configured user. A remote unauthenticated attacker can invoke MCP tools such as generate_presentation, performing authenticated application actions, consuming the operator's configured LLM API keys, and creating presentations in the operator's instance. The Electron desktop build is not affected (MCP disabled).
Published: 2026-06-30
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability allows an unauthenticated attacker to access the internal MCP endpoint /mcp, which automatically issues a valid session token for the configured operator user. The attacker can then invoke MCP commands such as generate_presentation, enabling them to perform privileged actions, consume the operator’s LLM API keys, and create presentations as if they were authenticated. The flaw is a classic authentication bypass, classified as CWE‑306, and results in unauthorized access to sensitive operations through the application’s own server. The potential impact includes data leakage and service disruption across the entire operator instance.

Affected Systems

Products affected are Presenton before version 0.8.8‑beta on server or Docker deployments that enable session authentication via the environment variables AUTH_USERNAME and AUTH_PASSWORD. The Electron desktop build is not impacted because MCP is disabled in that configuration.

Risk and Exploitability

The CVSS score of 6.9 places this vulnerability in the moderate severity range, and the EPSS score is not available, indicating no current data on exploitation probability. The attack vector is inferred to be remote and unauthenticated due to the open /mcp endpoint; no KEV listing suggests no well‑known exploits have surfaced yet. Nevertheless, the flaw provides a clear path to elevated privileges, making it a significant risk especially in environments where the operator’s LLM keys need protection.

Generated by OpenCVE AI on June 30, 2026 at 22:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Presenton to version 0.8.8‑beta or later where the MCP endpoint is protected.
  • If immediate upgrade is not possible, disable the MCP server or block external access to the /mcp path via firewall or reverse‑proxy rules.
  • Ensure session authentication is configured correctly and monitor logs for unexplained MCP activity to detect potential unauthorized use.
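As an added illustration, not Presenton's own configuration (the upstream names, ports and the internal auth-check path are assumptions), this nginx fragment shows the shape of the gap the description refers to: a /mcp location that omits the auth_request gate, next to the corrected form that carries the same session check as the rest of the application.

```nginx
# Added illustration only; not the project's nginx.conf. Upstream names,
# ports and the auth-check backend path below are assumptions.
upstream app_backend { server 127.0.0.1:8000; }
upstream mcp_backend { server 127.0.0.1:8001; }

server {
    listen 80;

    # Internal subrequest used by auth_request. The backend path that
    # validates the session cookie is a placeholder.
    location = /_auth_check {
        internal;
        proxy_pass http://app_backend/PLACEHOLDER_AUTH_CHECK_PATH;
        proxy_pass_request_body off;
        proxy_set_header Content-Length "";
        proxy_set_header X-Original-URI $request_uri;
    }

    # Application routes: every request must pass the session check first.
    location / {
        auth_request /_auth_check;
        proxy_pass http://app_backend;
    }

    # Weak pattern (left commented out): a dedicated /mcp location that
    # forwards to the MCP server without auth_request. Requests matched
    # here bypass the session gate that protects the rest of the app.
    #location /mcp {
    #    proxy_pass http://mcp_backend;
    #}

    # Corrected: the MCP path is gated exactly like the application routes.
    location /mcp {
        auth_request /_auth_check;
        proxy_pass http://mcp_backend;
    }
}
```

Because nginx picks the most specific prefix location, a bare `location /mcp` always wins over `location /`, so the gate has to be declared on that location explicitly rather than inherited.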


Advisories

No advisories yet.

History

Tue, 30 Jun 2026 21:30:00 +0000

Type: Values Removed / Values Added

Description (added): Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints a valid internal session token for the configured user. A remote unauthenticated attacker can invoke MCP tools such as generate_presentation, performing authenticated application actions, consuming the operator's configured LLM API keys, and creating presentations in the operator's instance. The Electron desktop build is not affected (MCP disabled).
Title (added): Presenton < 0.8.8-beta - Authentication Bypass of Session Auth via Unprotected MCP Endpoint
First Time appeared (added): Presenton; Presenton presenton
Weaknesses (added): CWE-306
CPEs (added): cpe:2.3:a:presenton:presenton:*:*:*:*:*:*:*:*
Vendors & Products (added): Presenton; Presenton presenton
References (added):
Metrics (added):
  cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L'}
  cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-30T21:05:15.949Z

Reserved: 2026-06-30T19:09:07.025Z

Link: CVE-2026-58446

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-30T22:30:06Z

Weaknesses
  • CWE-306: Missing Authentication for Critical Function