QSearchQSearch

CVE-2026-45087

10.0 CRITICAL

Dalfox is a powerful open-source XSS scanner and utility focused on automation

Published: 2026-05-27 · Last updated: 2026-05-28

Severity and scoring

CVSS
10.0 CRITICAL
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
CWE-15, CWE-306, CWE-78

Description

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode (dalfox server), the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options — including FoundAction and FoundActionShell — is deserialized directly from attacker-supplied JSON in POST /scan, and because dalfox.Initialize explicitly propagates those two fields into the final scan options without stripping them, any unauthenticated caller who can reach the server port can supply an arbitrary shell command that the dalfox process will execute on the host whenever a scan finding is triggered. This vulnerability is fixed in 2.13.0.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-49219 ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
  • CVE-2026-42563 Dulwich is a pure-Python implementation of the Git file formats and protocols
  • CVE-2026-0273 A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrict...
  • CVE-2026-6893 A flaw was found in dracut (8.8 HIGH)
  • CVE-2026-46643 Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page