CVE-2026-45088: Dalfox: Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file` in Dalfox Server Mode
Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine. The engine passes the value to voltFile.ReadLinesOrLiteral, which reads lines from any file path accessible to the dalfox process and embeds each line as an XSS payload in outbound HTTP requests directed at the attacker-controlled target URL. Because the server has no API key by default, an unauthenticated network attacker can exfiltrate the contents of arbitrary files on the dalfox host by reading them line-by-line through scan traffic. This vulnerability is fixed in 2.13.0.
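The following Go program is an added example, not Dalfox's own code: it models the flow described above (a JSON request body deserialised into an options struct, the path field handed unchanged to a ReadLinesOrLiteral-style helper, and the resulting lines treated as payloads) and places a hardened variant beside it. The `Options` struct, its `custom-payload-file` JSON tag, `readLinesOrLiteral`, and the function names are assumptions chosen to mirror the advisory's description of model.Options and voltFile.ReadLinesOrLiteral; the real types may differ. `hardenedPayloads` shows one way to close the hole in server mode by accepting only a bare file name under an operator-chosen payload directory and resolving symlinks on both sides before reading.

```go
// Added example modelling CVE-2026-45088, not Dalfox's own code. The Options
// struct, its JSON tag, and readLinesOrLiteral are assumptions that mirror the
// model.Options / voltFile.ReadLinesOrLiteral flow described in the advisory.
package main

import (
	"bufio"
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Options is the attacker-controlled request body. The tag name is assumed.
type Options struct {
	CustomPayloadFile string `json:"custom-payload-file"`
}

// readLinesOrLiteral stands in for voltFile.ReadLinesOrLiteral: if v names a
// readable file its lines are returned, otherwise v itself is the one payload.
func readLinesOrLiteral(v string) []string {
	f, err := os.Open(v)
	if err != nil {
		return []string{v}
	}
	defer f.Close()
	var lines []string
	sc := bufio.NewScanner(f)
	for sc.Scan() {
		lines = append(lines, sc.Text())
	}
	return lines
}

// vulnerablePayloads reproduces the unsafe flow: the path from the JSON body is
// passed straight to the file reader, so every line of any file the process can
// read becomes a payload that is then sent to the attacker's target URL.
func vulnerablePayloads(body []byte) ([]string, error) {
	var o Options
	if err := json.Unmarshal(body, &o); err != nil {
		return nil, err
	}
	if o.CustomPayloadFile == "" {
		return nil, nil
	}
	return readLinesOrLiteral(o.CustomPayloadFile), nil
}

// hardenedPayloads shows one way to close the hole in server mode: the field may
// only name a bare file inside payloadDir, and symlinks are resolved on both
// sides so a link planted in payloadDir cannot point outside it. Everything
// else is rejected rather than silently reused as a literal payload.
func hardenedPayloads(body []byte, payloadDir string) ([]string, error) {
	var o Options
	if err := json.Unmarshal(body, &o); err != nil {
		return nil, err
	}
	name := o.CustomPayloadFile
	if name == "" {
		return nil, nil
	}
	// Absolute paths and anything containing a separator or ".." fail here,
	// before the value ever reaches the filesystem.
	if name != filepath.Base(name) || name == "." || name == ".." {
		return nil, errors.New("custom-payload-file must be a bare file name")
	}
	root, err := filepath.EvalSymlinks(payloadDir)
	if err != nil {
		return nil, err
	}
	p, err := filepath.EvalSymlinks(filepath.Join(root, name))
	if err != nil {
		return nil, err
	}
	rel, err := filepath.Rel(root, p)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return nil, errors.New("payload file escapes the allowed directory")
	}
	return readLinesOrLiteral(p), nil
}

func main() {
	// Constructed demo: a fake secret on disk plays the role of /etc/passwd or
	// a mounted service-account token.
	dir, err := os.MkdirTemp("", "dalfox-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	secret := filepath.Join(dir, "secret.env")
	_ = os.WriteFile(secret, []byte("DB_PASSWORD=hunter2\nAPI_KEY=abc123\n"), 0o600)
	body := []byte(`{"custom-payload-file":"` + secret + `"}`)

	leaked, _ := vulnerablePayloads(body)
	fmt.Println("vulnerable: payloads =", leaked) // the secret's lines become XSS payloads

	_, err = hardenedPayloads(body, filepath.Join(dir, "payloads"))
	fmt.Println("hardened:", err) // rejected before touching the filesystem
}
```

The vulnerable function is faithful to the advisory in one important respect: a path that does not exist is not an error, it is simply used as a literal payload, so an attacker can probe for readable files without any error signal. The hardened variant fails closed instead, which is the behaviour you want from a network-facing scanner.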
HarborGuard Analysis
Synopsis
An unauthenticated arbitrary file read vulnerability exists in Dalfox, the open-source XSS scanning tool, when it is run in REST API server mode. A remote attacker with network access to the server can send a crafted JSON request body that sets the custom-payload-file field to any file path readable by the Dalfox process; the engine reads that file line by line and embeds each line as a payload in outbound scan requests aimed at an attacker-controlled target URL, so the file contents leave the host inside ordinary scan traffic. Successful exploitation lets the attacker exfiltrate the full contents of sensitive files from the host without any credentials. The upstream advisory states that the issue is fixed in 2.13.0; HarborGuard's fix-version field has not yet been populated, so HarborGuard re-checks the advisory on every ingest cycle and will surface a patched-image rebuild once the upstream release is confirmed.
HarborGuard Coverage
- Detection: Available
Detection of CVE-2026-45088 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images in registries and CI/CD pipelines, including custom-built images that bundle Dalfox. Any image bundling a Dalfox version below 2.13.0 is flagged automatically; whether that binary is actually started in REST API server mode is a deployment property that cannot be read from the image alone, so confirm it during triage.
- Triage: Available
Triage uses the CVSS v3.1 base score of 7.5 (HIGH), with per-environment compliance-policy weighting applied on top of the base score to adjust priority. Findings are routed to the appropriate team inbox within each customer organization based on the policy configuration in place.
- Remediation: Pending upstream
The upstream advisory names 2.13.0 as the fixed release, but HarborGuard's fix-version field has not yet been populated, so no patched-image rebuild is available; HarborGuard re-checks the advisory on every ingest cycle and will make the rebuild available automatically once the release is confirmed. In the interim, customers can upgrade to 2.13.0 directly or apply compensating controls through HarborGuard network-policy recommendations, such as restricting inbound access to the Dalfox REST API port to trusted sources and filtering egress from the host so scan traffic cannot reach attacker-controlled URLs.
Exploit Conditions
- Network reachability: Required
The attacker must reach the Dalfox REST API server over the network; the vulnerable endpoint is exposed on whatever port the server binds to. The Dalfox host must also be able to reach the attacker-controlled target URL, because that outbound scan traffic is the exfiltration channel.
- Authentication: Not required
No API key or authentication credential is required by default, so any network-reachable client can send exploit requests.
- Victim interaction: Not required
The attacker sends a single crafted HTTP request; no action by a legitimate user or administrator is needed.
- Attack complexity: Low
Exploitation is reliable and needs no race or special configuration: the attacker crafts a valid JSON body naming a file path, and the server reads the file and exfiltrates it line by line without further prerequisites.
Blast Radius
- Reads arbitrary files accessible to the Dalfox process, including application secrets, environment files, and SSH or cloud-credential files on the host.
- Exfiltrates file contents line-by-line through outbound HTTP scan requests to an attacker-controlled target URL; because the data leaves over connections initiated by the Dalfox host, inbound firewall rules do not stop it and only egress filtering does.
- Exposes container runtime secrets such as service account tokens mounted at well-known paths inside the container filesystem.
How HarborGuard Handles This
Available on HarborGuard: the upstream advisory names 2.13.0 as the fixed release, but HarborGuard's fix-version field has not yet been populated, so HarborGuard continuously re-checks the advisory on every ingest cycle and will surface a rebuilt image at the fix version as soon as the release is confirmed. For customers with auto-remediation enabled, that rebuild triggers a regression test run and opens a PR against affected workloads automatically, with no manual intervention required. While the rebuild is pending, HarborGuard surfaces compensating-control guidance: upgrade Dalfox to 2.13.0 directly where possible; restrict inbound access to the Dalfox REST API port to known trusted IP ranges using network policy; apply egress filtering so the host can only reach the targets it is meant to scan, which also cuts the exfiltration channel; and disable server mode entirely in environments where it is not operationally required. Customers can configure policy-weighted alerting so that any newly detected image running the vulnerable version routes immediately to the security inbox for the affected team.
Metrics
- CVSS v3.1: 7.5
- Severity: HIGH
- Fixed in: 2.13.0 (per the upstream advisory; HarborGuard fix-version field not yet populated)
- Affected Products: 1
- hahwul/dalfox < 2.13.0
- Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N