{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/cpes/cpe2.3aopenremoteopenremote/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:openremote:openremote:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":7.6,"id":"CVE-2026-40882"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["OpenRemote Agent (\u003c= 1.24.1)"],"_cs_severities":["high"],"_cs_tags":["xxe","arbitrary-file-read","ssrf","openremote","iot","vulnerability","incomplete-fix"],"_cs_type":"advisory","_cs_vendors":["OpenRemote"],"content_html":"\u003cp\u003eOpenRemote, an open-source IoT platform, has an incomplete fix for a previously identified XML External Entity (XXE) vulnerability, CVE-2026-40882. The original patch for CVE-2026-40882 only secured the Velbus asset import handler, leaving the \u003ccode\u003eKNXProtocol\u003c/code\u003e handler vulnerable to arbitrary file read. Versions up to and including 1.24.1 of the \u003ccode\u003eopenremote-agent\u003c/code\u003e module are affected by this newly identified vulnerability, tracked as CVE-2026-54640. An authenticated, non-administrative user can exploit this flaw by uploading a specially crafted ETS project ZIP file containing malicious XML. This allows attackers to read arbitrary files from the server's filesystem, including \u003ccode\u003e/etc/passwd\u003c/code\u003e, application configuration files with credentials, or even leverage Server-Side Request Forgery (SSRF) to access internal network resources or cloud metadata endpoints. This poses a significant risk to the confidentiality of sensitive data and can lead to further compromise of the OpenRemote instance and its underlying infrastructure.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn authenticated, non-administrative attacker sends an HTTP POST request to the \u003ccode\u003e/api/{realm}/agent/{agentId}/import\u003c/code\u003e endpoint with a malicious ETS project ZIP file as \u003ccode\u003efileData\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe OpenRemote \u003ccode\u003eAgentResourceImpl.doProtocolAssetImport()\u003c/code\u003e method receives the \u003ccode\u003efileData\u003c/code\u003e and passes it to \u003ccode\u003eKNXProtocol.startAssetImport()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eKNXProtocol\u003c/code\u003e extracts the \u003ccode\u003e0.xml\u003c/code\u003e file from the attacker-controlled ZIP archive using a \u003ccode\u003eZipInputStream\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe content of \u003ccode\u003e0.xml\u003c/code\u003e is processed by the Saxon \u003ccode\u003eTransformerFactoryImpl.newTransformer()\u003c/code\u003e and \u003ccode\u003etransform()\u003c/code\u003e methods without XXE protection, allowing external entities to be resolved.\u003c/li\u003e\n\u003cli\u003eSeparately, \u003ccode\u003eXMLInputFactory.newInstance().createXMLStreamReader()\u003c/code\u003e also processes the \u003ccode\u003e0.xml\u003c/code\u003e content without XXE protection.\u003c/li\u003e\n\u003cli\u003eBoth XML parsers resolve an external entity defined in the malicious \u003ccode\u003e0.xml\u003c/code\u003e (e.g., \u003ccode\u003e\u0026lt;!ENTITY xxe SYSTEM \u0026quot;file:///etc/passwd\u0026quot;\u0026gt;\u003c/code\u003e), leading to arbitrary file read.\u003c/li\u003e\n\u003cli\u003eThe contents of the arbitrary file are returned to the attacker within the response of the import process or are processed in a way that allows exfiltration.\u003c/li\u003e\n\u003cli\u003eSuccessful exploitation results in the attacker obtaining sensitive information from the server filesystem or probing internal network resources via SSRF.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis vulnerability allows any authenticated user, even without administrative privileges, to read arbitrary files from the server filesystem. This includes critical system files like \u003ccode\u003e/etc/passwd\u003c/code\u003e, enabling user enumeration and reconnaissance. More significantly, it allows access to application configuration files (e.g., \u003ccode\u003eopenmrs-runtime.properties\u003c/code\u003e) that might contain sensitive database credentials, API keys, or other secrets. The potential for Server-Side Request Forgery (SSRF) further broadens the attack surface, allowing attackers to query cloud provider metadata endpoints (e.g., \u003ccode\u003ehttp://169.254.169.254/\u003c/code\u003e) for cloud credentials or access internal services reachable from the vulnerable OpenRemote server. The vulnerability is present in a core protocol handler (\u003ccode\u003eKNXProtocol\u003c/code\u003e) shipped with the OpenRemote agent module, making all default installations running affected versions susceptible to this critical data exfiltration risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePatch CVE-2026-54640 immediately:\u003c/strong\u003e Upgrade the \u003ccode\u003eio.openremote:openremote-agent\u003c/code\u003e module to a version patched against CVE-2026-54640.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReview and audit configurations:\u003c/strong\u003e Conduct an audit of all OpenRemote instances to identify any running \u003ccode\u003eopenremote-agent\u003c/code\u003e modules and verify their versions, applying the necessary updates.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImplement network segmentation:\u003c/strong\u003e Restrict network access to cloud metadata endpoints and internal services from OpenRemote servers to mitigate the impact of potential SSRF exploitation, as mentioned in the Impact section.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEnable webserver logging for API POST requests:\u003c/strong\u003e Implement detailed logging for POST requests to \u003ccode\u003e/api/{realm}/agent/{agentId}/import\u003c/code\u003e on your web servers (e.g., NGINX, Apache, IIS). Monitor for unusually large or malformed XML payloads within the fileData parameter that might indicate attempted XXE exploitation, although this may require deep packet inspection or WAF capabilities.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eApply WAF rules for XXE:\u003c/strong\u003e Configure your Web Application Firewall (WAF) to detect and block XML External Entity (XXE) injection attempts in XML content submitted to the affected \u003ccode\u003e/api\u003c/code\u003e endpoints, specifically looking for \u003ccode\u003e\u0026lt;!DOCTYPE\u003c/code\u003e declarations containing \u003ccode\u003eSYSTEM\u003c/code\u003e or \u003ccode\u003ePUBLIC\u003c/code\u003e identifiers.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-06T20:59:11Z","date_published":"2026-07-06T20:59:11Z","id":"https://feed.craftedsignal.io/briefs/2026-07-openremote-xxe-incomplete-fix/","summary":"An incomplete fix for CVE-2026-40882 in OpenRemote's KNXProtocol module (specifically in versions \u003c= 1.24.1 of the agent module) allows authenticated users to perform an XML External Entity (XXE) injection, enabling arbitrary file read from the server's filesystem, including sensitive configuration files and potentially leading to server-side request forgery (SSRF) against cloud metadata endpoints or internal services, without requiring administrator access.","title":"OpenRemote Incomplete Fix for XXE in KNXProtocol Leads to Arbitrary File Read (CVE-2026-54640)","url":"https://feed.craftedsignal.io/briefs/2026-07-openremote-xxe-incomplete-fix/"}],"language":"en","title":"CraftedSignal Threat Feed - Cpe:2.3:a:openremote:openremote:*:*:*:*:*:*:*:*","version":"https://jsonfeed.org/version/1.1"}