{
  "variant_id": "cve-2026-58466-autobangumi-default-creds-bypass-variant",
  "created_at": "2026-07-03",
  "variant_summary": "Two bypasses of CVE-2026-58466 reproduced on the FIXED/LATEST AutoBangumi official Docker images. Variant 1 (bypass): the hard-coded default credentials admin/adminadmin still authenticate via POST /api/v1/auth/login on the patched :latest (=3.2.8 build) and on :3.3.0-beta.2, granting an admin JWT and full admin API access; add_default_user() and the login handler are unchanged (apart from an async DB refactor) from 3.2.6 through HEAD, so the advisory-referenced fix (commit 487bdfec, SSRF hardening of /setup/test-*) does not remediate the CVE. Variant 2 (alternate trigger): the pre-auth POST /api/v1/setup/complete endpoint on a fresh instance resets the auto-seeded admin account's username/password to attacker-chosen values WITHOUT needing the default credentials, after which the attacker logs in with their own creds and obtains full admin API access; this is a different entry point with the same fresh-instance admin-takeover impact, and it also reproduces on the fixed/latest version. A DEV_AUTH_BYPASS no-creds path was tested and ruled out for the official images (they ship a real VERSION; an unauthenticated request to /api/v1/rss returns 401).",
  "relation": "newer_version_sibling",
  "origin_kind": "pruva_variant",
  "repository": "https://github.com/EstrellaXD/Auto_Bangumi.git",
  "submitted_target": {
    "target_kind": "docker_image",
    "commit_sha": "717ad11f7fad572ee8fe8ffe7edfe68bde9624c8",
    "version": "3.2.6",
    "ref": "3.2.6",
    "display": "ghcr.io/estrellaxd/auto_bangumi:3.2.6 (vulnerable baseline, < 3.2.8)"
  },
  "variant_target": {
    "target_kind": "docker_image",
    "commit_sha": "265b449fad6d753f061a09aaa03fcd3eb739a266",
    "version": "3.2.8",
    "ref": "3.2.8",
    "display": "ghcr.io/estrellaxd/auto_bangumi:latest (=3.2.8 build, the claimed patched version); also confirmed on :3.3.0-beta.2 (commit c8f402fd687c443d91e6c6dc3474032b9a9182eb)"
  },
  "same_root_cause_confidence": 0.9,
  "same_surface_confidence": 0.8,
  "claimed_surface": "api_remote",
  "validated_surface": "api_remote",
  "required_entrypoint_kind": "authenticate",
  "required_entrypoint_detail": "AutoBangumi FastAPI on port 7892. Variant 1: POST /api/v1/auth/login (OAuth2 password form). Variant 2: POST /api/v1/setup/complete (pre-auth JSON body on a fresh instance) followed by POST /api/v1/auth/login with the attacker-chosen creds.",
  "attacker_controlled_input": "Variant 1: publicly known default credentials admin/adminadmin submitted as the OAuth2 form to POST /api/v1/auth/login. Variant 2: attacker-chosen username/password JSON body to the pre-auth POST /api/v1/setup/complete endpoint (no credentials required).",
  "trigger_path": "V1: fresh empty DB -> startup add_default_user() seeds admin/adminadmin -> POST /api/v1/auth/login -> auth_user -> verify_password(adminadmin) succeeds -> admin JWT (sub=admin) -> token cookie grants admin API access (/api/v1/rss 200). V2: fresh empty DB -> add_default_user() seeds admin -> GET /api/v1/setup/status {need_setup:true} -> POST /api/v1/setup/complete (pre-auth) calls db.user.update_user('admin', UserUpdate(username=pwned,password=pwnedpw1)) and commits -> POST /api/v1/auth/login pwned/pwnedpw1 -> admin JWT (sub=pwned) -> /api/v1/rss 200. Both reproduce on the patched :latest (=3.2.8) and V1 also on :3.3.0-beta.2.",
  "observed_impact_class": "authz_bypass",
  "exploitability_confidence": "high",
  "evidence_scope": "production_path",
  "runtime_manifest_present": true,
  "end_to_end_target_reached": true,
  "inferred": false,
  "claim_block_reason": null,
  "blocking_mitigation": null,
  "file_path": "backend/src/module/database/user.py",
  "line_start": 71,
  "line_end": 87,
  "secondary_anchors": [
    {
      "file_path": "backend/src/module/api/auth.py",
      "line_start": 35,
      "line_end": 42
    },
    {
      "file_path": "backend/src/module/api/setup.py",
      "line_start": 290,
      "line_end": 305
    },
    {
      "file_path": "backend/src/module/security/api.py",
      "line_start": 41,
      "line_end": 63
    },
    {
      "file_path": "backend/src/module/update/startup.py",
      "line_start": 9,
      "line_end": 21
    }
  ],
  "review_scope_paths": [
    "backend/src/module/database/user.py",
    "backend/src/module/api/auth.py",
    "backend/src/module/api/setup.py",
    "backend/src/module/security/api.py",
    "backend/src/module/update/startup.py",
    "backend/src/module/models/config.py"
  ],
  "artifact_refs": {
    "variant_manifest": "bundle/vuln_variant/variant_manifest.json",
    "validation_verdict": "bundle/vuln_variant/validation_verdict.json",
    "runtime_manifest": "bundle/vuln_variant/runtime_manifest.json",
    "repro_log": "bundle/logs/vuln_variant/run.log",
    "root_cause_equivalence": "bundle/vuln_variant/root_cause_equivalence.json",
    "reproducer": [
      "bundle/vuln_variant/reproduction_steps.sh",
      "bundle/vuln_variant/ab_probe2.py"
    ]
  }
}