Attack Chain

1. Reconnaissance: Attacker identifies a praisonai-platform instance, potentially using uvicorn praisonai_platform.api.app:app or python -m praisonai_platform.
2. Information Gathering: Attacker accesses the public source code of praisonai-platform 0.1.4 to retrieve the hardcoded JWT secret "dev-secret-change-me".
3. Credential Forgery: Attacker crafts a malicious JWT payload (e.g., {"sub": "target_user_id", "email": "victim@target", "exp": "future_timestamp"}).
4. JWT Signing: Attacker signs the crafted JWT payload using the publicly known dev-secret-change-me secret and the HS256 algorithm.
5. Authentication Bypass: Attacker sends requests to the praisonai-platform API with the forged JWT in the Authorization header. The platform's _verify_token function, also using the default secret, validates the token and authenticates the attacker as target_user_id.
6. Privilege Escalation: If the target_user_id is a known workspace owner's ID (which can be discovered from member listings or logs), the attacker gains owner-level access to the workspace.
7. Impact: Attacker leverages owner privileges to perform actions such as deleting workspaces, evicting legitimate members, or exfiltrating data, leading to resource destruction or denial of service.

Impact

Any deployment of praisonai-platform 0.1.4 that runs without explicitly setting a strong PLATFORM_JWT_SECRET is immediately vulnerable. This includes the default startup commands like python -m praisonai_platform --host 0.0.0.0 --port 8000 which do not configure the necessary environment variables. The direct consequences include complete unauthenticated authentication bypass, allowing an attacker to mint valid session tokens for any user. With a known user ID (obtainable from member lists or logs), attackers can achieve workspace-owner takeover, leading to the read, update, and deletion of all resources within that workspace, and member management. This enables resource destruction and lock-out, such as deleting entire workspaces or evicting legitimate users, resulting in an irrecoverable denial of service. The initial vulnerability (GHSA-3qg8) was scored 9.8 Critical on CVSS.

Recommendation

• Immediately update praisonai-platform to a version where the vulnerability is confirmed patched, or implement the suggested fix to remove the default secret and enforce PLATFORM_JWT_SECRET at startup.
• Review application logs for the presence of the RuntimeError message indicating the default secret is in use in a production environment, as described in the Detect Praisonai-Platform Default Secret Guard RuntimeError Sigma rule.
• Search code repositories and configuration files for the hardcoded secret dev-secret-change-me to ensure it's not present in active deployments.
• Deploy the Detect Praisonai-Platform Uvicorn Default Startup Sigma rule to identify systems running the vulnerable application entry point.
• Rotate all JWT signing keys if this secret has been used in any production environment, assuming compromise.