CVE-2026-40882 Overview
CVE-2026-40882 is an XML External Entity (XXE) vulnerability [CWE-611] in OpenRemote, an open-source Internet of Things (IoT) platform. The flaw resides in the Velbus asset import path, which parses attacker-controlled XML without explicit XXE hardening. Authenticated users with access to the import endpoint can trigger external entity resolution. Successful exploitation enables server-side file disclosure and Server-Side Request Forgery (SSRF). Targeted files must be smaller than 1023 characters. OpenRemote version 1.22.0 remediates the issue.
Critical Impact
Authenticated attackers can read local server files and pivot to internal network resources through SSRF via the Velbus XML import endpoint.
Affected Products
- OpenRemote versions prior to 1.22.0
- OpenRemote Velbus asset import functionality
- Deployments exposing the import endpoint to authenticated users
Discovery Timeline
- 2026-04-22 - CVE-2026-40882 published to the National Vulnerability Database (NVD)
- 2026-04-24 - Last updated in the NVD
Technical Details for CVE-2026-40882
Vulnerability Analysis
The vulnerability stems from an unsafe XML parser configuration in the Velbus asset import workflow. The parser accepts user-supplied XML and resolves external entities by default. An authenticated user submits a crafted XML document referencing external SYSTEM entities. The parser fetches the referenced resource and embeds its content into the parsed document.
This behavior enables two primary attack outcomes. First, attackers can disclose files readable by the OpenRemote service account, limited to content under 1023 characters. Second, attackers can coerce the server to issue outbound HTTP, FTP, or other protocol requests, achieving SSRF against internal services.
The vulnerability requires authentication and has low attack complexity. The confidentiality impact is high, while the integrity and availability impacts are limited.
Root Cause
The Velbus import code path uses a default XML parser without disabling Document Type Definition (DTD) processing or external entity resolution. The parser honors SYSTEM and PUBLIC identifiers within <!ENTITY> declarations. OpenRemote did not apply hardening flags such as FEATURE_SECURE_PROCESSING or disable external general entities before parsing untrusted input.
Attack Vector
An authenticated attacker submits a malicious XML payload to the Velbus asset import endpoint. The payload defines an external entity pointing to a local file path or internal URL. When the parser resolves the entity, the returned data is reflected in error responses or embedded asset fields. The attacker collects disclosed file contents or observes side effects of internal requests issued by the server.
The vulnerability is described in the GitHub Security Advisory GHSA-g24f-mgc3-jwwc. No public proof-of-concept code is currently available.
Detection Methods for CVE-2026-40882
Indicators of Compromise
- Unexpected HTTP requests to the Velbus asset import endpoint from authenticated user sessions
- Outbound DNS or HTTP requests from the OpenRemote server to attacker-controlled domains
- XML payloads in request bodies containing <!ENTITY or SYSTEM declarations
- Server-side log entries referencing failed file reads or unusual file://, http://, or ftp:// URI access
Detection Strategies
- Inspect application logs for XML imports containing DOCTYPE declarations or external entity references
- Monitor egress network traffic from OpenRemote hosts for connections to unexpected internal or external destinations
- Alert on authenticated API calls to Velbus import paths from unusual user accounts or IP addresses
- Correlate import endpoint usage with subsequent file system access patterns on the host
Monitoring Recommendations
- Enable verbose audit logging for the Velbus import endpoint and retain logs for forensic review
- Deploy network sensors to capture outbound traffic originating from the OpenRemote application server
- Track changes in authenticated user behavior, particularly accounts with import privileges
- Review web application firewall (WAF) logs for blocked XML payloads referencing external entities
How to Mitigate CVE-2026-40882
Immediate Actions Required
- Upgrade OpenRemote to version 1.22.0 or later, which disables external entity resolution in the Velbus import path
- Restrict access to the Velbus asset import endpoint to trusted administrative accounts only
- Audit existing user accounts with import privileges and remove unnecessary access
- Review server file system permissions to limit data readable by the OpenRemote service account
Patch Information
OpenRemote released version 1.22.0 to address CVE-2026-40882. The fix hardens the XML parser used by the Velbus import functionality to reject external entity resolution. Refer to the OpenRemote GitHub Security Advisory for upgrade guidance and release notes.
Workarounds
- Block access to the Velbus asset import endpoint at the reverse proxy or WAF layer until patching is complete
- Apply WAF rules that reject XML requests containing <!DOCTYPE or <!ENTITY declarations
- Run OpenRemote under a low-privilege service account with minimal file system read permissions
- Segment the OpenRemote host from sensitive internal services to limit SSRF impact
# Example WAF rule (ModSecurity) to block XXE payloads to the import endpoint.
# Requires SecRequestBodyAccess On so the request body is buffered for phase 2.
# "/velbus/import" is an illustrative path; adjust it to the deployment's actual
# Velbus import endpoint. Note that REQUEST_BODY is not populated when ModSecurity's
# XML request body processor handles the request, so confirm the rule fires against
# a test request before relying on it.
SecRule REQUEST_URI "@contains /velbus/import" \
    "id:1040882,phase:2,deny,status:403,\
    chain,msg:'Block potential XXE in OpenRemote Velbus import'"
    # Chained rule: only the DOCTYPE/ENTITY check is evaluated when the URI matched.
    SecRule REQUEST_BODY "@rx (?i)<!(DOCTYPE|ENTITY)" "t:none"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.