Description
HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access controls and reach host-backed agent runtimes, potentially leading to unauthorized file disclosure and read access through default-enabled read-only tools.
Published: 2026-04-21
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized file disclosure via remote channel access
Action: Immediate Patch
AI Analysis

Impact

The vulnerability arises from OpenHarness admitting every remote sender to an inbound channel because the channel's allow_from setting defaults to ["*"]. Attackers who can reach an exposed channel therefore pass the admission check and connect to host-backed agent runtimes. From there they can read files or view host-backed agent data through the read-only tools that are enabled by default, resulting in unauthorized disclosure of sensitive information.

Affected Systems

OpenHarness software from HKUDS. The issue exists in all releases prior to the fix introduced in PR #147, which is distributed as v0.1.7 and later.

Risk and Exploitability

The CVSS score of 8.3 reflects a high severity assessment, and the EPSS score is not available, so current exploitation probability cannot be quantified. It is not listed in CISA KEV, indicating no known widespread exploitation. The vulnerability can be exploited by remote attackers who can reach a configured channel; due to the allow_from=["*"] default, they can bypass access controls and directly interact with the host-backed agent runtime, potentially reading confidential files via default read-only tools. The lack of an official workaround means mitigation relies on applying the vendor patch or reconfiguring channels.

Generated by OpenCVE AI on April 22, 2026 at 06:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenHarness to version 0.1.7 or later, which removes the default allow_from=["*"] setting.
  • Reconfigure existing channels to only allow trusted senders by explicitly setting allow_from to the appropriate IP or hostname values.
  • Restrict network access to the OpenHarness channel ports to known, trusted hosts using firewall or access control lists.

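The weakness described above (CWE-276, an allowlist that defaults to the wildcard) is easy to see in an admission check. The following is an added example written for this page, not OpenHarness code: all names (ChannelConfig, admit_sender_weak, admit_sender_hardened, audit_channels) are hypothetical. It places the wildcard-default check beside a hardened one that fails closed, requires an explicit sender list, and accepts exact hostnames or CIDR ranges, and it adds a small audit helper that lists channels still running on the insecure default, which is the configuration check the recommended actions call for.

```python
"""Admission check for an inbound channel allowlist (added example, not OpenHarness code).

Models the advisory's weakness: a remote channel whose allow_from defaults to ["*"],
next to a hardened check that refuses the wildcard and requires an explicit list.
All identifiers below are hypothetical.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Iterable, List


@dataclass
class ChannelConfig:
    name: str
    # Insecure default as described in the advisory: admit every remote sender.
    allow_from: List[str] = field(default_factory=lambda: ["*"])


def admit_sender_weak(cfg: ChannelConfig, sender: str) -> bool:
    """Vulnerable form: the wildcard entry admits any sender that reaches the channel."""
    return "*" in cfg.allow_from or sender in cfg.allow_from


def _rule_matches(rule: str, sender: str) -> bool:
    """Match one allowlist rule: a CIDR range (contains '/') or an exact, case-insensitive name/IP."""
    if "/" in rule:
        try:
            return ip_address(sender) in ip_network(rule, strict=False)
        except ValueError:
            # Sender is a hostname, not an address; a CIDR rule cannot match it.
            return False
    return rule.lower() == sender.lower()


def admit_sender_hardened(cfg: ChannelConfig, sender: str) -> bool:
    """Hardened form: fail closed on an empty list or a wildcard, otherwise require an explicit match."""
    if not cfg.allow_from or "*" in cfg.allow_from:
        return False
    return any(_rule_matches(rule, sender) for rule in cfg.allow_from)


def audit_channels(configs: Iterable[ChannelConfig]) -> List[str]:
    """Detection helper: names of channels still on the insecure default (wildcard or empty allowlist)."""
    return [c.name for c in configs if not c.allow_from or "*" in c.allow_from]


if __name__ == "__main__":
    # Constructed sample configs: one untouched default, one explicitly scoped.
    default_channel = ChannelConfig("chat-inbound")
    scoped_channel = ChannelConfig("ops-inbound", ["10.0.0.0/24", "ops.example.internal"])
    print("weak check admits unknown sender:", admit_sender_weak(default_channel, "203.0.113.9"))
    print("hardened check admits unknown sender:", admit_sender_hardened(default_channel, "203.0.113.9"))
    print("channels still on the wildcard default:", audit_channels([default_channel, scoped_channel]))
```

Running the audit over every configured channel before enabling read-only tools gives an operator a concrete list of channels to fix; the hardened check treats both the wildcard and an empty list as a deny, so a channel that has not been deliberately scoped cannot admit anyone.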


Advisories

No advisories yet.

History

Wed, 22 Apr 2026 14:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 22 Apr 2026 12:15:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Hkuds; Hkuds openharness
Vendors & Products                     Hkuds; Hkuds openharness

Wed, 22 Apr 2026 00:00:00 +0000

Type          Values Removed   Values Added
Description                    HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access controls and reach host-backed agent runtimes, potentially leading to unauthorized file disclosure and read access through default-enabled read-only tools.
Title                          HKUDS OpenHarness Insecure Default Remote Channel Allowlist
Weaknesses                     CWE-276
References
Metrics                        cvssV3_1: {'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N'}
                               cvssV4_0: {'score': 8.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-22T13:50:01.661Z

Reserved: 2026-04-21T20:23:55.847Z

Link: CVE-2026-6823

Vulnrichment

Updated: 2026-04-22T13:49:57.025Z

NVD

Status : Received

Published: 2026-04-21T21:16:48.827

Modified: 2026-04-22T14:17:07.223

Link: CVE-2026-6823

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T11:45:07Z

Weaknesses