| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| backend.ai | pip | <= 25.3.3 | |
The vulnerability CVE-2025-49652, as described by NVD and detailed in the HiddenLayer security advisory, is a missing authentication for a critical function in Lablup's BackendAI, specifically affecting the user registration feature. The HiddenLayer advisory is the primary source of technical detail: it states that the API endpoint `/func/auth/signup` can be used to create arbitrary user accounts even when the instance is configured to disallow new registrations, which allows attackers to gain unauthorized access.
To identify the vulnerable function, the following steps were taken:

1. The `/func/auth/signup` endpoint was identified from the advisory as the entry point for the exploit.
2. In the BackendAI repository (lablup/backend.ai, around the vulnerable version 25.3.3), API routes of the form `/func/{service}/{operation}` (e.g., `/func/auth/signup`) are handled by specific agent methods. The `auth` service and `signup` operation strongly point to a `signup` method within an authentication-related agent.
3. `ai.backend.manager.auth.AuthAgent.signup`, located in `src/ai/backend/manager/auth.py`, was identified as the most probable function handling requests to the `/func/auth/signup` endpoint.

The confidence is 'Medium': while the vulnerable endpoint is clearly identified by the advisory, the mapping to the specific Python function and method name relies on an understanding of the BackendAI framework's routing and code structure rather than on direct evidence from a patch diff. However, this function is the logical handler for the exploitable endpoint and for the described vulnerable behavior (allowing signup when it is disabled).
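The defect class described above, a signup handler that never consults the instance's registration policy, contrasted with the hardened form and a simple log check for successful signups on an instance where signup is disabled. This is an added illustrative example, not Backend.AI's code: the `InstanceConfig.allow_signup` flag, `UserStore`, the handler signatures and the log format are all assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class InstanceConfig:
    # Hypothetical flag modelling an instance configured to disallow new registrations.
    allow_signup: bool = False

@dataclass
class UserStore:
    users: dict = field(default_factory=dict)

def signup_vulnerable(config, store, payload):
    """Defect class from the advisory: the handler never consults the instance
    policy, so a POST to /func/auth/signup succeeds even when signup is disabled."""
    email = payload.get("email")
    if not email:
        return 400, {"error": "email required"}
    if email in store.users:
        return 409, {"error": "account already exists"}
    store.users[email] = {"email": email, "role": "user"}
    return 201, {"email": email}

def signup_hardened(config, store, payload):
    """Same handler with the missing check added: enforce the instance policy
    before validating input or touching state."""
    if not config.allow_signup:
        return 403, {"error": "signup is disabled on this instance"}
    return signup_vulnerable(config, store, payload)

# Constructed access-log lines (not real Backend.AI logs), in a common-log-like shape.
SAMPLE_LOG = [
    '203.0.113.7 "POST /func/auth/signup" 201',
    '203.0.113.7 "POST /func/auth/login" 200',
    '198.51.100.2 "POST /func/auth/signup" 201',
    '198.51.100.2 "GET /func/auth/signup" 405',
]

def unexpected_signups(log_lines, config):
    """Detection aid: on an instance with signup disabled, any successful (2xx)
    POST to /func/auth/signup is an anomaly worth alerting on. Returns client IPs."""
    if config.allow_signup:
        return []
    hits = []
    for line in log_lines:
        client, method, path, status = (p.strip('"') for p in line.split())
        if method == "POST" and path == "/func/auth/signup" and status.startswith("2"):
            hits.append(client)
    return hits
```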