CVE-2026-45088 Overview
CVE-2026-45088 is a file read vulnerability in Dalfox, an open-source Cross-Site Scripting (XSS) scanner and automation utility. The flaw affects Dalfox versions prior to 2.13.0 when running in REST API server mode. The custom-payload-file field in model.Options is deserialized directly from an attacker's JSON request body and passed unchanged into the scan engine. Because the REST API server ships without an API key by default, an unauthenticated network attacker can read arbitrary files accessible to the Dalfox process. The vulnerability is categorized under [CWE-73] External Control of File Name or Path.
Critical Impact
An unauthenticated network attacker can exfiltrate the contents of arbitrary files from the Dalfox host through scan traffic directed at attacker-controlled targets.
Affected Products
- Dalfox versions prior to 2.13.0
- Dalfox REST API server mode deployments
- Hosts running Dalfox without API key authentication configured
Discovery Timeline
- 2026-05-27 - CVE-2026-45088 published to NVD
- 2026-05-27 - Last updated in NVD database
Technical Details for CVE-2026-45088
Vulnerability Analysis
Dalfox exposes a REST API server mode that accepts scan configuration via JSON request bodies. The model.Options struct contains a JSON-tagged custom-payload-file field intended to point at a local file containing XSS payloads. When deserialized from an HTTP request, the value flows through dalfox.Initialize into the scan engine without sanitization or path restriction.
The scan engine passes the supplied path to voltFile.ReadLinesOrLiteral, which reads each line from the referenced file. Every line is then embedded as an XSS payload inside outbound HTTP requests sent to the scan target. When the target URL is attacker-controlled, the attacker observes file contents arriving as request parameters or body content. This effectively converts the scanner into a file-exfiltration primitive.
Root Cause
The root cause is unsanitized acceptance of a local file path from an untrusted network source. The API server has no default authentication, so the trust boundary that would normally protect the custom-payload-file parameter does not exist. Any file readable by the Dalfox process user — including /etc/passwd, configuration files, SSH keys, or application secrets — can be referenced and read line by line.
Attack Vector
An attacker sends a crafted JSON request to the Dalfox REST API endpoint. The request specifies custom-payload-file pointing to a sensitive file on disk and sets the scan target to a URL under the attacker's control. Dalfox reads the file, then issues HTTP requests to the attacker's server with each file line embedded as an XSS payload. The attacker reconstructs the file contents from inbound web server logs. No credentials, user interaction, or local access are required.
No verified exploit code is published. See the GitHub Security Advisory GHSA-35wr-x7v6-9fv2 for upstream technical details.
Detection Methods for CVE-2026-45088
Indicators of Compromise
- Inbound HTTP requests to the Dalfox REST API endpoint containing custom-payload-file JSON fields referencing system paths such as /etc/passwd, /root/.ssh/, or application configuration directories.
- Outbound HTTP traffic from the Dalfox host to unfamiliar external domains containing fragments of file content in query parameters or POST bodies.
- Dalfox process accessing files outside its expected payload directories.
Detection Strategies
- Inspect HTTP request bodies destined for Dalfox API listeners and alert on custom-payload-file values that reference paths outside the dedicated payload directory.
- Correlate file access events on the Dalfox host with outbound HTTP scan traffic to detect file content leaving the system through scanner channels.
- Monitor for Dalfox API server instances exposed to untrusted networks without an API key configured.
Monitoring Recommendations
- Log all REST API requests to Dalfox at the reverse proxy or host firewall and retain bodies for forensic review.
- Alert on Dalfox processes reading sensitive files such as /etc/shadow, private key material, or cloud credential files.
- Track outbound connections from Dalfox hosts and baseline expected target domains to surface anomalous exfiltration destinations.
How to Mitigate CVE-2026-45088
Immediate Actions Required
- Upgrade Dalfox to version 2.13.0 or later on every host where the REST API server mode is used.
- Restrict network access to the Dalfox API listener so that only trusted operators can reach it, using firewall rules or a private network segment.
- Configure an API key on the Dalfox REST API server and rotate any keys that may have been exposed.
- Audit the Dalfox host for evidence of unauthorized file reads by reviewing process and network logs.
Patch Information
The vulnerability is fixed in Dalfox 2.13.0. Release notes and the patched binary are available at the GitHub dalfox Release v2.13.0 page. Coordinated disclosure details are documented in the GitHub Security Advisory GHSA-35wr-x7v6-9fv2.
Workarounds
- Do not expose the Dalfox REST API server to untrusted networks; bind the listener to 127.0.0.1 and access it through SSH tunnels or a VPN.
- Run Dalfox under a dedicated unprivileged user account that has read access only to its payload directory.
- Disable REST API server mode entirely when not in active use and rely on the command-line interface for scans.
# Configuration example: bind Dalfox API to localhost and require an API key
dalfox server --host 127.0.0.1 --port 6664 --api-key "$(openssl rand -hex 32)"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
