HKUDS OpenHarness Default Config Exposes Systems (CVE-2026-6823)

/HIGH /CVSS 8.2/10
Written by SCW Vulnerability Desk Vulnerability Intelligence
SCW vulnerabilitycvehigh-severitycwe-276
HKUDS OpenHarness Default Config Exposes Systems (CVE-2026-6823)

The National Vulnerability Database has issued an advisory for CVE-2026-6823, impacting HKUDS OpenHarness prior to PR #147. This high-severity vulnerability (CVSS 8.2) stems from an insecure default configuration where remote channels are set with allow_from = ["*"]. This permits arbitrary remote senders to bypass admission checks, granting unauthorized access.

Attackers who can reach the configured channel effectively bypass critical access controls. This allows them to interact with host-backed agent runtimes, according to the National Vulnerability Database. The immediate consequence is potential unauthorized file disclosure and read access through default-enabled read-only tools.

This isn’t a complex exploit; it’s a simple misconfiguration that opens the door. Defenders need to recognize that default-open settings are a gift to attackers. The attacker’s calculus is straightforward: find a reachable OpenHarness instance, leverage the default configuration, and start exfiltrating data. It’s low-effort, high-reward, particularly in environments where OpenHarness might be used for automation or data processing.

What This Means For You

  • If your organization uses HKUDS OpenHarness, immediately verify your configurations. Any instance prior to PR #147 is vulnerable if `allow_from = ["*"]` is present on remote channels. This is not a theoretical risk; it's a direct path to data exposure. Audit your systems for OpenHarness installations and ensure this insecure default has been remediated.

Related ATT&CK Techniques

T1190 Exploit Public-Facing Application Initial Access T1078.004 Abuse Elevation Control Mechanism: Sudo and Sudo Caching Privilege Escalation T1560.001 Archive Collected Data: Archive via Utility Collection

🛡️ Detection Rules

3 rules · 6 SIEM formats

3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

high T1190 Initial Access

CVE-2026-6823 - OpenHarness Default Config Remote Channel Access

Sigma YAML — free preview
✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Export via Bot →

Indicators of Compromise

IDTypeIndicator
CVE-2026-6823 Misconfiguration HKUDS OpenHarness prior to PR #147
CVE-2026-6823 Information Disclosure remote channels inherit allow_from = ["*"]
CVE-2026-6823 Auth Bypass arbitrary remote senders to pass admission checks

Written by SCW Vulnerability Desk

Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedApril 22, 2026 at 00:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

Believe this infringes your rights? Submit a takedown request.

Related Posts

Critical AVideo XSS Vulnerability Exposes Admin Settings

CVE-2026-40925 — WWBN AVideo is an open source video platform. In versions 29.0 and prior, `objects/configurationUpdate.json.php` (also routed via `/updateConfig`) persists dozens of global site...

vulnerabilityCVEhigh-severitycwe-352
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 5 IOCs /⚙ 3 Sigma

Critical RCE in AVideo YPTSocket Plugin: Unauthenticated Account Takeover

CVE-2026-40911 — WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 2 IOCs /⚙ 3 Sigma

CRITICAL SQLi in ElectricSQL: Full Database Compromise

CVE-2026-40906 — Electric is a Postgres sync engine. From 1.1.12 to before 1.5.0, the order_by parameter in the ElectricSQL /v1/shape API is vulnerable to error-based...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 4 IOCs /⚙ 3 Sigma