CVE-2026-46685

Published: Mag 28, 2026 Last Modified: Mag 28, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,0
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: passive
Confidentiality: N/A
Integrity: N/A
Availability: N/A

Description

AI Translation Available

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, when RUSTFS_CORS_ALLOWED_ORIGINS is unset, the RustFS S3 listener's ConditionalCorsLayer reflects any request Origin value back as Access-Control-Allow-Origin and also sets Access-Control-Allow-Credentials: true and Access-Control-Allow-Headers: * on responses, including preflight responses and error responses. This creates a permissive cross-domain policy with untrusted origins. A browser visiting an attacker-controlled page can issue credentialed cross-origin requests to a reachable RustFS deployment and read the response when the victim browser has ambient credentials for the RustFS origin, such as saved HTTP Basic Auth credentials, reverse-proxy SSO cookies, or TLS client certificates. This vulnerability is fixed in 1.0.0-beta.2.

306

Missing Authentication for Critical Function

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control Other
Potential Impacts:
Gain Privileges Or Assume Identity Varies By Context
Applicable Platforms
Technologies: Cloud Computing, ICS/OT
Likelihood of Exploit: High
View CWE Details
346

Origin Validation Error

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control Other
Potential Impacts:
Gain Privileges Or Assume Identity Varies By Context
Applicable Platforms
Technologies: Not Technology-Specific, Web Based
View CWE Details
942

Permissive Cross-domain Security Policy with Untrusted Domains

Incomplete
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Availability Access Control
Potential Impacts:
Execute Unauthorized Code Or Commands Bypass Protection Mechanism Read Application Data Varies By Context
Applicable Platforms
Technologies: Web Based, Web Server
View CWE Details
https://github.com/rustfs/rustfs/security/advisories/GHSA-x…
https://github.com/rustfs/rustfs/security/advisories/GHSA-x5xv-223c-8vm7
https://github.com/rustfs/rustfs/security/advisories/GHSA-x…
https://github.com/rustfs/rustfs/security/advisories/GHSA-x5xv-223c-8vm7