Summary

The custom REST endpoints that are used by the Azure ComputerVision provider do not run any sort of user permission checking, allowing these endpoints to be called by anyone.

Details

There are 5 custom REST endpoints that are used by the Azure ComputerVision provider within the Language Processing service. These endpoints run __return_true for their permission_callback (in essence not doing any sort of permission checking) and none of them run any sort of user permission checks within the main callback function.

Impacted endpoints:

Because there's no permission checking, this means that once you have proper authentication setup for ComputerVision and one or more features are turned on, anyone can hit the endpoints for those features, passing in a valid attachment ID, and have functionality run (like generating alt text or tagging images).

PoC

Configuration

1. Set up a ClassifAI site from scratch (WP + the plugin only)
2. Add a new image or PDF (depending on which feature you want to test) to the Media Library, making note of the attachment ID
3. Go to the Image Processing > Microsoft Azure settings page (/wp-admin/admin.php?page=image_processing)
4. Add in a valid Endpoint URL and API Key and turn on one or more features then hit Save Changes

PoC using attachment ID from above

1. Find the endpoint that corresponds to the feature you turned on:
   • /wp-json/classifai/v1/alt-tags/ATTACHMENT_ID for the Generate descriptive text feature
   • /wp-json/classifai/v1/image-tags/ATTACHMENT_ID for the Tag images feature
   • /wp-json/classifai/v1/smart-crop/ATTACHMENT_ID for the Enable smart cropping feature
   • /wp-json/classifai/v1/ocr/ATTACHMENT_ID for the Scan images for text feature
   • /wp-json/classifai/v1/read-pdf/ATTACHMENT_ID for the Enable scanning PDF feature (ensure you uploaded a PDF to test this)
2. Run a curl request to this endpoint, replacing ATTACHMENT_ID with a valid ID (note if running locally, you'll need to ensure your site has a publicly accessible URL for these functions to work)
3. Observe the result that gets printed, which we would hope to be an error message but currently isn't
4. Go back to the WordPress admin, find the media item you had uploaded and observe that whatever action you ran, information is now in place (for instance, alt text is filled out or image tags have been added)

Impact

Non-authorized users can trigger requests to the ComputerVision API, which in turn will modify content.

The actions that can be taken are:

• alt text added to images. This may be stored in the alt text field, caption field and/or description field, based on settings in the admin. Will overwrite any existing alt text that may be in place
• Tags added to an image
• Image may be cropped
• Text found within an image will be stored in the image description field, overwriting what is there
• Text found within a PDF will be stored in the PDF description field, overwriting what is there

Important to note that users can't choose what content gets saved, that comes from the API endpoints we hit. But they can trigger those actions to happen, adding in content you may not want, overwriting existing content and increasing number of requests that go to the API

See also

• Version 2.0.0 release notes
• b05ed69