CVE-2026-49973 | Severity: CRITICAL | Published / Modified: (dates not shown) | CNA: VulnCheck

CVE-2026-49973: Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the _set_password parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable network can send a POST request to the settings endpoint during the first-run setup window to persist an arbitrary password hash, obtain a valid session cookie, and lock out the legitimate operator from their own instance.

Metrics

CVSS v4.0: 9.2
Severity: CRITICAL
Fixed in: 0.51.358
Affected Products: 1


HarborGuard Analysis

Synopsis

This is an improper access control vulnerability in Hermes WebUI versions before 0.51.358. The /api/settings endpoint accepts a _set_password parameter during the first-run setup window without any authentication or network-origin check, meaning any attacker who can reach the service over the network can send a single POST request to take over the instance. Successful exploitation lets the attacker set an arbitrary password hash, obtain a valid session cookie, and permanently lock out the legitimate operator. A patched-image rebuild at version 0.51.358 is available on HarborGuard for environments running an affected version.

HarborGuard Coverage

Detection (Available)

Detection of CVE-2026-49973 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including internally built images that bundle Hermes WebUI. No manual configuration is required for the match to run.

Triage (Available)

HarborGuard scores this CVE at CVSS 9.2 Critical (v4.0) and applies each customer environment's compliance policy weighting to determine urgency and routing. Triage findings are delivered to the appropriate team inbox within each customer org based on configured ownership rules.

Patch (Available)

A patched-image rebuild at Hermes WebUI 0.51.358 becomes available through HarborGuard as soon as the fix version is confirmed against affected images. For customers who opt into auto-remediation, HarborGuard performs the rebuild, runs a regression test pass, and opens a PR against affected workloads automatically.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the Hermes WebUI service over the network; the vulnerable endpoint is exposed via HTTP with no network-origin restriction.

  • Authentication: Not required

    No credentials of any kind are required; the /api/settings endpoint accepts the _set_password parameter from completely unauthenticated requests.

  • Victim interaction: Not required

    The attacker sends a direct POST request to the target endpoint; no action is needed on the part of any legitimate user.

  • Attack complexity: Low (AC:L)

    The request itself needs no special conditions and is reliably reproducible, but a successful takeover depends on the target still being in its first-run setup window (the AT:P component of the vector records this situational prerequisite).

Blast Radius

  • Attacker persists an arbitrary password hash to the Hermes WebUI instance, taking full administrative control of the application.
  • Attacker receives a valid session cookie granting authenticated access to all settings, integrations, and data visible through the WebUI.
  • The legitimate operator is locked out of their own instance and loses the ability to administer or recover the service without out-of-band intervention.
  • Availability impact is low rather than total: the service itself keeps running, but under attacker control rather than operator control.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-49973 runs automatically against all customer images containing Hermes WebUI, including custom builds, with no setup required. Where a customer's scanned image is confirmed to run a version below 0.51.358, a rebuilt image at the patched version becomes available immediately. For customers who opt into auto-remediation, HarborGuard triggers the rebuild, executes a regression test run, and opens a pull request against affected workloads; for high and critical severity issues, the median time from CVE publication to merged patch PR is around 90 minutes in environments with auto-remediation enabled. Because this vulnerability is exploitable only during the first-run setup window, customers who cannot immediately apply the patch should consider isolating the Hermes WebUI service behind a network policy that restricts inbound access to trusted operator IP ranges until the patched image is deployed.
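As an added example (not HarborGuard's or Hermes WebUI's own code), a detection pass over constructed access-log lines that flags POST requests to /api/settings carrying _set_password from addresses outside the trusted operator ranges the isolation advice above refers to. The combined-log-with-body format, the JSON body shape and the trusted ranges are assumptions; adapt them to your proxy and network.

```python
import ipaddress
import re
from typing import Dict, List

# Trusted operator ranges allowed to reach the setup endpoint (constructed values).
TRUSTED_OPERATOR_RANGES = [ipaddress.ip_network("10.0.0.0/8"),
                           ipaddress.ip_network("127.0.0.0/8")]

# Assumed log format: combined access log with the request body appended as
# "body=..." by the reverse proxy (an assumption, not Hermes WebUI's own format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+(?: body=(?P<body>.*))?$'
)

def is_trusted(ip: str) -> bool:
    """True if the client address lies inside a trusted operator range."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_OPERATOR_RANGES)

def find_password_takeover_attempts(lines: List[str]) -> List[Dict[str, object]]:
    """Flag POST /api/settings requests carrying _set_password from outside the
    trusted ranges; 'accepted' is True on a 2xx reply (setup window was open)."""
    hits: List[Dict[str, object]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] != "/api/settings":
            continue
        if "_set_password" not in (m["body"] or "") + m["path"]:
            continue
        if is_trusted(m["ip"]):
            continue  # legitimate operator completing first-run setup
        hits.append({"ip": m["ip"], "ts": m["ts"], "status": m["status"],
                     "accepted": m["status"].startswith("2")})
    return hits

# Constructed sample lines; password values are redacted placeholders.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2026:08:01:12 +0000] "POST /api/settings HTTP/1.1" 200 57 body={"_set_password":"<redacted>"}',
    '10.0.0.5 - - [12/Mar/2026:08:01:40 +0000] "POST /api/settings HTTP/1.1" 200 57 body={"_set_password":"<redacted>"}',
    '203.0.113.7 - - [12/Mar/2026:08:02:03 +0000] "GET /api/settings HTTP/1.1" 401 0',
    '198.51.100.4 - - [12/Mar/2026:09:15:22 +0000] "POST /api/settings HTTP/1.1" 403 0 body={"_set_password":"<redacted>"}',
]

if __name__ == "__main__":
    for hit in find_password_takeover_attempts(SAMPLE_LOG):
        print(hit)
```

A hit with "accepted" True means the instance was still in its first-run window when the request landed and should be treated as compromised; a 4xx hit is a probe against an already-initialised or network-restricted instance.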


Fix available: 0.51.358
Patch commits: (none listed)
Affected packages:
  • nesquena / hermes-webui: < 0.51.358 (from 0)
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N