CVE ID: CVE-2025-63390 Date: 2025-12-18 Vendor: Mintplex Labs Product: AnythingLLM Affected Versions: v1.8.5 Vulnerability Type: Insecure Permissions / Authentication Bypass Severity: High (Privilege Escalation, Information Disclosure)
An authentication bypass vulnerability exists in AnythingLLM v1.8.5 via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces.
- Component:
/api/workspacesAPI endpoint, authentication middleware - Vulnerability: Missing authentication check allows unauthorized access to workspace data.
Attack Type: Remote
Attack Vectors:
An unauthenticated attacker can send HTTP GET requests to the /api/workspaces endpoint without authentication tokens or credentials. The endpoint returns a successful HTTP 200 response containing detailed workspace information.
Exposed Data:
- Workspace identifiers (id, name, slug)
- AI model configurations (chatProvider, chatModel, agentProvider)
- System prompts (openAiPrompt)
- Operational parameters (temperature, history length, similarity thresholds)
- Vector search settings, chat modes, and timestamps
Impact:
- Information Disclosure: Leakage of sensitive configuration and prompt data.
- Escalation of Privileges: Potential to gain direct access to workspace resources.
- Vendor Repository: https://github.com/Mintplex-Labs/anything-llm
- Issues: https://github.com/Mintplex-Labs/anything-llm/issues
Discovered and reported by Zhihuang Liu (herecristliu@gmail.com)