CVE-2026-58122: Hermes WebUI Authentication Bypass via Spoofed X-Forwarded-For Header
CVE-2026-58122 describes an authentication bypass vulnerability in Hermes WebUI before version 0.51.307, allowing unauthenticated remote attackers to bypass local-origin IP restrictions on onboarding endpoints by spoofing the X-Forwarded-For header with a loopback address, leading to server-side request forgery (SSRF), API key overwrites, and persistent access token acquisition.
Unauthenticated remote attackers can exploit CVE-2026-58122, an authentication bypass vulnerability affecting Hermes WebUI versions prior to 0.51.307. This vulnerability allows attackers to circumvent local-origin IP restrictions on specific "onboarding endpoints" by manipulating the X-Forwarded-For HTTP header. By supplying a spoofed loopback address (e.g., 127.0.0.1) in this header, the attacker can deceive the application into believing the request originates from an internal, trusted source. This bypass facilitates server-side request forgery (SSRF), enabling attackers to interact with internal services, including sensitive cloud metadata endpoints. Successful exploitation can lead to critical consequences such as overwriting Large Language Model (LLM) provider configurations and API keys with attacker-controlled values, or initiating OAuth device-code flows to obtain persistent access tokens stored within the auth.json file.
Attack Chain
- An unauthenticated remote attacker sends an HTTP request to a vulnerable Hermes WebUI server before version 0.51.307.
- The attacker targets specific "onboarding endpoints" within the Hermes WebUI application.
- The attacker crafts the HTTP request to include a spoofed
X-Forwarded-Forheader, setting its value to a loopback address (e.g.,127.0.0.1). - The Hermes WebUI processes the spoofed header, bypassing its local-origin IP restrictions, and interprets the request as originating from a trusted internal source.
- The attacker then leverages this bypass to perform server-side request forgery (SSRF) against internal services accessible from the WebUI, including cloud metadata endpoints.
- Through the SSRF, the attacker can obtain sensitive cloud metadata or overwrite LLM provider configuration and API keys with values they control.
- Alternatively, the attacker can initiate OAuth device-code flows via SSRF to acquire persistent access tokens.
- These persistent access tokens are then stored in the
auth.jsonfile, granting the attacker persistent access to the compromised system or associated services.
Impact
The successful exploitation of CVE-2026-58122 carries severe consequences, reflected in its CVSS v3.1 Base Score of 9.1. Attackers can gain unauthorized access to internal network resources and cloud environments. This includes the potential exfiltration of sensitive cloud metadata, compromise of LLM provider configurations, and theft of API keys, which can lead to further unauthorized access to services and data. The ability to acquire persistent access tokens stored in auth.json allows for long-term compromise and control over affected systems or associated third-party integrations, resulting in data breaches, service disruptions, and potentially complete system takeover.
Recommendation
- Patch CVE-2026-58122 by upgrading Hermes WebUI to version 0.51.307 or later immediately to remediate the authentication bypass vulnerability.
- Deploy the provided Sigma rule to your SIEM solution to detect suspicious
X-Forwarded-Forheader manipulation attempts targeting onboarding endpoints. - Implement Web Application Firewall (WAF) rules to inspect and filter
X-Forwarded-Forheaders for suspicious loopback addresses or unusual patterns, especially for external-facing "onboarding endpoints." - Harden internal network segregation and endpoint security to limit the impact of successful SSRF attacks, particularly by restricting access to cloud metadata endpoints and sensitive configuration files like
auth.json.
Detection coverage 1
Detects CVE-2026-58122 Exploitation - Hermes WebUI Auth Bypass via X-Forwarded-For
highDetects CVE-2026-58122 exploitation where unauthenticated remote attackers bypass local-origin IP restrictions on Hermes WebUI onboarding endpoints by supplying a spoofed X-Forwarded-For header with a loopback address. This indicates an attempt at SSRF.
Detection queries are available on the platform. Get full rules →