> About Author
Hi, I'm Sharon, a product manager at Chaitin Tech. We build SafeLine, an open-source Web Application Firewall built for real-world threats. While SafeLine focuses on HTTP-layer protection, our emergency response center monitors and responds to RCE and authentication vulnerabilities across the stack to help developers stay safe.
Overview
Smartbi is a popular business intelligence (BI) platform that integrates data analysis, reporting, and visualization.
Recently, a login bypass vulnerability was disclosed, patched, and confirmed to still affect a significant number of exposed systems online.
The flaw could allow attackers to leverage built-in accounts, gain authentication tokens, and ultimately call backend APIs, potentially leading to sensitive data leaks or even remote code execution (RCE).
Vulnerability Details
During installation, Smartbi creates several default accounts.
By abusing specific endpoints, attackers can bypass authentication and directly obtain identity credentials. These credentials can then be reused to access backend APIs without proper login.
Impact:
- Unauthorized access to sensitive data
- Full backend API exposure
- Potential for arbitrary code execution
Affected Versions:
Smartbi V7 to V10
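As an added example (not code from the original advisory or from Smartbi), the following Python check turns the description above into defender-side log review: it walks constructed access-log lines in an assumed, simplified format and flags backend API calls whose token never appeared in a login request, as well as any activity by the built-in accounts named in the workaround. The log format, paths, and sample lines are assumptions for illustration.

```python
import re

# Constructed access-log lines in a simplified format (not Smartbi's real log format):
# "<timestamp> <client_ip> <user> <token> <method> <path> <status>"
SAMPLE_LOG = """\
2023-06-16T08:00:01Z 10.0.0.5 alice tok-a1 POST /login 200
2023-06-16T08:00:02Z 10.0.0.5 alice tok-a1 GET /api/report/list 200
2023-06-16T08:05:10Z 203.0.113.9 service tok-s9 GET /api/datasource/list 200
2023-06-16T08:05:11Z 203.0.113.9 service tok-s9 POST /api/admin/exec 200
2023-06-16T08:07:00Z 198.51.100.4 bob tok-b2 GET /api/report/list 200
"""

# Built-in accounts named in the advisory's temporary workaround.
BUILTIN_ACCOUNTS = {"public", "service", "system"}
# Assumption: the path a normal interactive login hits in this log format.
LOGIN_PATH = "/login"

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\S+) (\S+) (\d{3})$")


def analyze(log_text):
    """Return a list of (reason, line) findings.

    Flags (1) any non-login request carrying a token that was never seen in a
    login request, i.e. a token obtained some other way, and (2) any request
    made by one of the built-in accounts."""
    findings = []
    logged_in_tokens = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than fail the whole review
        _ts, _ip, user, token, _method, path, _status = m.groups()
        if path == LOGIN_PATH:
            logged_in_tokens.add(token)
        if user in BUILTIN_ACCOUNTS:
            findings.append(("builtin-account-activity", line))
        if path != LOGIN_PATH and token not in logged_in_tokens:
            findings.append(("token-without-login", line))
    return findings


if __name__ == "__main__":
    for reason, line in analyze(SAMPLE_LOG):
        print(f"{reason}: {line}")
```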
Detection Tools
Two non-intrusive scanners are available for defenders:
1. X-POC Remote Scanner
Quickly check whether a target URL is vulnerable:
xpoc -r 105 -t http://target-url
2. CloudWalker Local Scanner
Run a harmless local scan:
smartbi_internal_user_login_bypass_scanner_windows_amd64.exe scan --output result.json
Mitigation & Fix
Temporary Workaround
- Remove the default accounts (public, service, system) if they are not required.
- Do not expose Smartbi directly to the internet unless absolutely necessary.
Permanent Fix
Smartbi has released official security patches.
The patches support both online upgrades and offline patch installation.
Download patches here
Product Support
- YunTu: Fingerprint-based detection + PoC support
- SafeLine WAF: Virtual patch released, capable of detecting exploit attempts
- DongJian: Custom PoC supported and published
- CloudWalker: Platform v23.05.001+ supports detection via emergency vuln intelligence package (EMERVULN-23.06.009)
- QuanXi: Rule updates released for exploit detection
Timeline
- June 15: Vulnerability reported to Chaitin Tech
- June 16: Vulnerability analyzed and reproduced
- June 19: Public advisory published
Final Thoughts
This Smartbi login bypass vulnerability shows once again how default accounts and weak authentication logic can quickly escalate into major security risks.
If your Smartbi deployment hasn't been patched, apply the fix immediately: attackers won't hesitate to abuse this vector for data theft or even RCE.
Meanwhile, deploying SafeLine WAF provides an extra layer of defense, blocking exploit attempts in real time.