GHSA-h4g2-xfmw-q2c9: Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enabled is unset
Clauster versions prior to 0.2.2 that are bound to a non-loopback address and have authentication password or reverse proxy enabled but leave auth.enabled unset (default false) serve the dashboard and API without any authentication. This allows unauthenticated network attackers full control over the dashboard, including project listing, spawning/stopping remote-control bridges, editing files, reading logs, and cloning repositories. Loopback-only deployments are not affected. A patch is planned to enforce authentication validation strictly. Workarounds include setting auth.enabled to true or binding to loopback only.
AI Analysis
Technical Summary
A vulnerability in Clauster (≤0.2.1) occurs when the instance is bound to a non-loopback address and authentication is partially configured (password or reverse proxy enabled) but the auth.enabled flag remains false (default). The runtime authentication guard only enforces authentication if auth.enabled is true, otherwise it allows all requests unauthenticated. The configuration validator does not require auth.enabled to be true when password or reverse proxy authentication is set, resulting in a misconfiguration that exposes the dashboard and API without authentication. This enables unauthenticated attackers with network access to fully control the dashboard and execute code remotely via Claude Code bridges. Loopback-only deployments are unaffected. A patch release will enforce fail-closed validation requiring auth.enabled to be true for non-loopback binds with authentication settings. Documentation and Docker defaults have been updated accordingly.
Potential Impact
Unauthenticated attackers with network access to a Clauster instance bound to a non-loopback address and misconfigured authentication can gain full control over the dashboard and API. They can list projects, spawn or stop remote-control bridges that execute code in project directories, edit files, read logs, and clone repositories. This effectively allows remote code execution within the context of the project directories. Loopback-only deployments are not impacted. The vulnerability arises from a configuration validation flaw combined with runtime enforcement logic.
Mitigation Recommendations
A patch release is planned that will enforce strict configuration validation requiring auth.enabled to be true when authentication is configured on non-loopback binds. Until the patch is available, operators should explicitly set auth.enabled: true in their configuration alongside existing auth.password_required and password hash or reverse proxy settings. Alternatively, bind Clauster to the loopback interface only and access it through an SSH tunnel or trusted authenticating reverse proxy. The updated documentation and Docker usage instructions reflect these mitigations.
GHSA-h4g2-xfmw-q2c9: Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enabled is unset
Description
Clauster versions prior to 0.2.2 that are bound to a non-loopback address and have authentication password or reverse proxy enabled but leave auth.enabled unset (default false) serve the dashboard and API without any authentication. This allows unauthenticated network attackers full control over the dashboard, including project listing, spawning/stopping remote-control bridges, editing files, reading logs, and cloning repositories. Loopback-only deployments are not affected. A patch is planned to enforce authentication validation strictly. Workarounds include setting auth.enabled to true or binding to loopback only.
CVSS v4.0
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
A vulnerability in Clauster (≤0.2.1) occurs when the instance is bound to a non-loopback address and authentication is partially configured (password or reverse proxy enabled) but the auth.enabled flag remains false (default). The runtime authentication guard only enforces authentication if auth.enabled is true, otherwise it allows all requests unauthenticated. The configuration validator does not require auth.enabled to be true when password or reverse proxy authentication is set, resulting in a misconfiguration that exposes the dashboard and API without authentication. This enables unauthenticated attackers with network access to fully control the dashboard and execute code remotely via Claude Code bridges. Loopback-only deployments are unaffected. A patch release will enforce fail-closed validation requiring auth.enabled to be true for non-loopback binds with authentication settings. Documentation and Docker defaults have been updated accordingly.
Potential Impact
Unauthenticated attackers with network access to a Clauster instance bound to a non-loopback address and misconfigured authentication can gain full control over the dashboard and API. They can list projects, spawn or stop remote-control bridges that execute code in project directories, edit files, read logs, and clone repositories. This effectively allows remote code execution within the context of the project directories. Loopback-only deployments are not impacted. The vulnerability arises from a configuration validation flaw combined with runtime enforcement logic.
Mitigation Recommendations
A patch release is planned that will enforce strict configuration validation requiring auth.enabled to be true when authentication is configured on non-loopback binds. Until the patch is available, operators should explicitly set auth.enabled: true in their configuration alongside existing auth.password_required and password hash or reverse proxy settings. Alternatively, bind Clauster to the loopback interface only and access it through an SSH tunnel or trusted authenticating reverse proxy. The updated documentation and Docker usage instructions reflect these mitigations.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- GHSA-h4g2-xfmw-q2c9
- Osv Schema Version
- 1.4.0
- Aliases
- []
- Ecosystems
- ["PyPI"]
- Database Specific Severity
- HIGH
- Cvss Version
- 4.0
Threat ID: 6a520eb168715ace438f4ff3
Added to database: 07/11/2026, 09:36:49 UTC
Last enriched: 07/11/2026, 09:48:45 UTC
Last updated: 07/12/2026, 03:33:10 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.