DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

GHSA-68QG-G8MG-6PR7: GHSA-68QG-G8MG-6PR7: Unauthenticated Remote Code Execution in Paperclip via Authorization Bypass Chain

#security #cve #cybersecurity #ghsa

GHSA-68QG-G8MG-6PR7: Unauthenticated Remote Code Execution in Paperclip via Authorization Bypass Chain

Vulnerability ID: GHSA-68QG-G8MG-6PR7
CVSS Score: 10.0
Published: 2026-04-10

A critical vulnerability chain in the Paperclip platform allows an unauthenticated, remote attacker to execute arbitrary system commands on the host operating system. The vulnerability resides within the @paperclipai/server package and involves unrestricted account registration, authorization bypass in token generation, improper access control on administrative API endpoints, and command injection via unvalidated agent configurations.

TL;DR

Unauthenticated remote code execution in Paperclip via a four-step exploit chain involving open sign-ups, token self-approval, import access control bypass, and process adapter command injection.

⚠️ Exploit Status: POC

Technical Details

  • Vulnerability Type: Improper Authorization to Remote Code Execution
  • CWE ID: CWE-285
  • CVSS v3.1 Score: 10.0
  • Attack Vector: Network
  • Privileges Required: None
  • User Interaction: None
  • Exploit Status: Proof of Concept Available

Affected Systems

  • Paperclip (@paperclipai/server)
  • Paperclip (paperclipai)
  • @paperclipai/server: < 2026.410.0 (Fixed in: 2026.410.0)
  • paperclipai: < 2026.410.0 (Fixed in: 2026.410.0)

Mitigation Strategies

  • Upgrade the @paperclipai/server and paperclipai packages to version 2026.410.0 or later.
  • Set the PAPERCLIP_AUTH_DISABLE_SIGN_UP environment variable to true to prevent unauthorized account creation.
  • Implement strict egress network filtering to block reverse shells and unauthorized outbound data transfer.
  • Audit existing agents for unrecognized or suspicious 'process' adapter configurations.

Remediation Steps:

  1. Identify all systems running vulnerable versions of Paperclip.
  2. Execute the package manager update command to install version 2026.410.0.
  3. Restart the Paperclip application service to apply the updated code.
  4. Review application logs for indicators of compromise, specifically looking at POST requests to /api/companies/import and /api/cli-auth/challenges.
  5. Remove any accounts, companies, or agents created by unauthorized entities.

References

Read the full report for GHSA-68QG-G8MG-6PR7 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)