Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-64706

CVE-2025-64706: Typebot Auth Bypass Vulnerability

CVE-2025-64706 is an authentication bypass flaw in Typebot that allows attackers to delete and retrieve any user's API tokens through IDOR. This article covers the technical details, affected versions, impact, and mitigation.

Published:

CVE-2025-64706 Overview

CVE-2025-64706 is an Insecure Direct Object Reference (IDOR) vulnerability in Typebot, an open-source chatbot builder. The flaw exists in the API token management endpoint across versions 3.9.0 through 3.12.x. An authenticated attacker can delete any user's API token and retrieve its value by supplying the target user's ID and token ID. The endpoint performs no authorization checks tying the token to the requesting user. Version 3.13.0 resolves the issue.

Critical Impact

Authenticated attackers can hijack API tokens belonging to other Typebot users, gaining their identity and access to associated chatbot workflows and data.

Affected Products

  • Typebot versions 3.9.0 through 3.12.x
  • Self-hosted Typebot deployments running affected releases
  • Typebot cloud tenants on pre-3.13.0 builds

Discovery Timeline

  • 2025-11-13 - CVE-2025-64706 published to NVD
  • 2026-01-30 - Last updated in NVD database

Technical Details for CVE-2025-64706

Vulnerability Analysis

The vulnerability stems from missing authorization enforcement on Typebot's API token management endpoint. The endpoint accepts a user ID and token ID as parameters when handling deletion requests. It then returns the deleted token's value in the response. The handler does not validate that the authenticated session owns the referenced token or user account.

This pattern matches both [CWE-284] Improper Access Control and [CWE-639] Authorization Bypass Through User-Controlled Key. Any authenticated Typebot user can iterate or guess token and user identifiers to harvest tokens belonging to others. Recovered tokens grant the attacker the victim's API privileges, enabling chatbot manipulation, data exfiltration, and integration abuse.

Root Cause

The API token deletion route trusts client-supplied identifiers without cross-checking them against the session principal. Authorization logic that should bind the operation to the requesting account is absent. Returning the deleted token's secret value in the response further amplifies the impact beyond a simple destructive action.

Attack Vector

Exploitation requires network access to the Typebot API and a valid authenticated session. The attacker submits a delete request to the token management endpoint, supplying the victim's user ID and token ID. The server processes the operation and returns the token value, which the attacker can replay against any Typebot API consuming that credential. Refer to the GitHub Security Advisory GHSA-grx8-g27p-8hpp for the maintainer's technical write-up.

Detection Methods for CVE-2025-64706

Indicators of Compromise

  • Unexpected DELETE requests against Typebot API token management routes referencing user IDs that do not match the authenticated session
  • API token rotation or disappearance events not initiated by the legitimate token owner
  • Successful Typebot API calls originating from new IP addresses or user agents immediately after a token deletion event

Detection Strategies

  • Correlate Typebot application logs to flag token deletion requests where the acting user differs from the token owner
  • Alert on HTTP responses from token management endpoints that return non-empty token secrets
  • Baseline normal token lifecycle activity per user and surface deviations such as bulk deletions

Monitoring Recommendations

  • Forward Typebot application and reverse proxy logs to a centralized SIEM for retention and query
  • Monitor outbound API calls authenticated with Typebot tokens for sudden changes in source or behavior
  • Review audit trails for the workspaces and bots associated with any rotated token

How to Mitigate CVE-2025-64706

Immediate Actions Required

  • Upgrade Typebot to version 3.13.0 or later without delay
  • Rotate all existing Typebot API tokens after upgrading and invalidate any tokens that may have been exposed
  • Audit recent token deletion and creation events for unauthorized activity across all user accounts
  • Restrict network exposure of the Typebot management API to trusted networks where feasible

Patch Information

The maintainers fixed the IDOR by enforcing ownership checks on the token management endpoint in Typebot 3.13.0. Self-hosted operators should pull the updated container image or source release and redeploy. Full remediation details are documented in the GitHub Security Advisory GHSA-grx8-g27p-8hpp.

Workarounds

  • Place the Typebot API behind an authenticating reverse proxy that restricts token management routes to administrators until the upgrade is applied
  • Temporarily disable API token issuance for non-essential users to limit the pool of credentials at risk
  • Apply web application firewall rules that block requests to the token management endpoint where the path-supplied user ID does not match the session identity

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.