CVE-2026-45087 Overview
CVE-2026-45087 is an unauthenticated remote command execution vulnerability in Dalfox, an open-source cross-site scripting (XSS) scanner with automation features. Versions prior to 2.13.0 expose a REST API server that binds to 0.0.0.0:6664 by default and requires no API key unless the operator passes --api-key. The server deserializes model.Options directly from attacker-supplied JSON in POST /scan, including the FoundAction and FoundActionShell fields. The dalfox.Initialize function propagates these fields into the final scan options, allowing any caller who can reach the port to execute arbitrary shell commands on the host when a scan finding triggers. The issue is fixed in Dalfox 2.13.0.
Critical Impact
Unauthenticated attackers with network access to the Dalfox REST API server can execute arbitrary shell commands on the host running the scanner.
Affected Products
- Dalfox versions prior to 2.13.0
- Dalfox REST API server mode (dalfox server)
- Deployments exposing TCP port 6664 without --api-key
Discovery Timeline
- 2026-05-27 - CVE-2026-45087 published to NVD
- 2026-05-27 - Last updated in NVD database
Technical Details for CVE-2026-45087
Vulnerability Analysis
Dalfox provides a REST API server mode invoked through dalfox server. When started, the server binds to 0.0.0.0:6664 and accepts requests without authentication unless the operator explicitly supplies --api-key. The POST /scan endpoint accepts a JSON body that maps directly to the internal model.Options structure. Two fields in that structure, FoundAction and FoundActionShell, define an external command and shell to execute when the scanner identifies a finding. Because dalfox.Initialize forwards both fields into the active scan configuration without sanitization, an attacker controls the command Dalfox spawns on the host. The flaw is classified under CWE-15 (External Control of System or Configuration Setting) and yields full integrity, confidentiality, and availability loss on the host.
Root Cause
The root cause is unauthenticated, attacker-controlled deserialization of security-sensitive configuration. The REST API trusts JSON input to populate the same options structure used by the command-line interface. Sensitive fields that drive shell execution are never stripped or validated before reaching the scan pipeline.
Attack Vector
An attacker sends a single HTTP POST request to the exposed Dalfox port with a JSON payload that sets FoundActionShell to a shell such as /bin/sh -c and FoundAction to an arbitrary command. The attacker then triggers a scan against any target that produces a finding. When the finding fires, Dalfox executes the attacker-supplied command with the privileges of the Dalfox process. No credentials, user interaction, or prior access are required. See the GitHub Security Advisory GHSA-v25v-m36w-jp4h for technical details.
Detection Methods for CVE-2026-45087
Indicators of Compromise
- Inbound HTTP requests to TCP port 6664 from untrusted networks targeting the /scan endpoint.
- Dalfox process spawning unexpected child processes such as sh, bash, curl, wget, or nc.
- Outbound network connections initiated by the Dalfox process to attacker-controlled infrastructure.
- New cron jobs, SSH keys, or persistence artifacts created by the user account running Dalfox.
Detection Strategies
- Inspect HTTP request bodies sent to port 6664 for the JSON keys FoundAction and FoundActionShell.
- Alert on Dalfox binary executions whose parent-child process tree includes shell interpreters.
- Correlate scan request timestamps with process creation events on hosts running dalfox server.
Monitoring Recommendations
- Forward endpoint process telemetry and network flow logs from Dalfox hosts to a centralized analytics platform.
- Monitor binding of Dalfox to 0.0.0.0 and flag any instance reachable beyond localhost.
- Track installed Dalfox versions across the environment and alert on versions earlier than 2.13.0.
How to Mitigate CVE-2026-45087
Immediate Actions Required
- Upgrade Dalfox to version 2.13.0 or later on all systems running the REST API server.
- Restrict network access to TCP port 6664 to trusted management hosts using host or network firewalls.
- Stop any dalfox server processes that are exposed to untrusted networks until patched.
- Review host logs for unexpected child processes of Dalfox and rotate credentials reachable from the host.
Patch Information
The maintainers fixed the vulnerability in Dalfox 2.13.0. The release strips FoundAction and FoundActionShell from REST API input so they cannot be controlled by remote callers. Download details are available in the GitHub Dalfox Release v2.13.0 notes.
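The detection rule from the Detection Strategies section (inspecting /scan request bodies for the two keys) and the shape of the fix described here, as an added Go example that is not Dalfox's own code: ScanOptions with its field set and JSON key names, and the sample body, are assumptions made for illustration.

```go
package main
import (
	"encoding/json"
	"fmt"
	"strings"
)

// ScanOptions stands in for Dalfox's model.Options (assumed names, relevant fields only).
type ScanOptions struct {
	URL              string `json:"url"`
	FoundAction      string `json:"FoundAction"`
	FoundActionShell string `json:"FoundActionShell"`
}

// SuspiciousKeys is the detection rule: which command-related keys a /scan body carries,
// matched case-insensitively because encoding/json maps keys onto fields that way too.
func SuspiciousKeys(body []byte) []string {
	var obj map[string]json.RawMessage
	if json.Unmarshal(body, &obj) != nil {
		return nil // not a JSON object: nothing for a vulnerable server to decode
	}
	var hits []string
	for _, name := range []string{"FoundAction", "FoundActionShell"} {
		for key := range obj {
			if strings.EqualFold(key, name) {
				hits = append(hits, name)
			}
		}
	}
	return hits
}

// DecodeScanRequest has the shape of the fix: ordinary options come from the body, but
// the command fields are cleared afterwards, so only the operator's command line sets them.
func DecodeScanRequest(body []byte) (ScanOptions, error) {
	var opts ScanOptions
	if err := json.Unmarshal(body, &opts); err != nil {
		return ScanOptions{}, err
	}
	opts.FoundAction, opts.FoundActionShell = "", ""
	return opts, nil
}

// Constructed sample body (not captured traffic); the command in it is harmless.
var SampleBody = []byte(`{"url":"https://example.com/?q=1","foundaction":"echo finding","FoundActionShell":"/bin/sh -c"}`)

func main() {
	fmt.Println("flagged:", SuspiciousKeys(SampleBody))
	fmt.Println(DecodeScanRequest(SampleBody))
}
```

Note that a detection that only matches the exact spellings FoundAction and FoundActionShell would miss lower-case variants, which Go's JSON decoder still maps onto the fields; clearing the fields after decoding avoids that gap on the server side.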
Workarounds
- Bind the Dalfox server to 127.0.0.1 instead of 0.0.0.0 so it is not reachable from remote networks.
- Always start the server with --api-key and use a high-entropy key when the REST API must be exposed.
- Run Dalfox as a low-privilege user inside a container without access to sensitive host paths or credentials.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.