mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-17 08:21:12 -05:00
[GH-ISSUE #23400] bug: [Security] Unauthenticated /api/config endpoint and missing rate limiting on /signup #58637
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @autoailabadmin on GitHub (Apr 4, 2026).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/23400
Security Improvement Suggestions
Hi! We ran an automated security review on this repository using CodeTrust, an AI-powered logical security scanner built by AutoAI Labs.
We identified 4 potential security improvements in areas related to authentication, rate limiting, and endpoint exposure.
For responsible disclosure, we are not including specific vulnerability details in this public issue. If you would like the full report with:
Please:
Methodology: Multi-model AI review (GPT-4.1) with programmatic AST verification, mapped to OWASP WSTG-BUSL business logic testing standards. Each finding was independently validated by a second AI pass against the actual source code to eliminate false positives.
We are happy to submit fix PRs for any confirmed issues. This is a free community security service.
Automated security review by CodeTrust — AI-powered logical security analysis by AutoAI Labs
@pr-validator-bot commented on GitHub (Apr 4, 2026):
⚠️ Missing Issue Title Prefix
@autoailabadmin, your issue title is missing a prefix (e.g.,
bug:,feat:,docs:).Please update your issue title to include one of the following prefixes:
Example:
bug: Login fails when using special characters in password@autoailabadmin commented on GitHub (Apr 4, 2026):
Hi team — to add context to our report and show this is a genuine security review (not automated spam):
What we actually reviewed: We cloned your backend (167 Python files, 73,107 lines) and ran a multi-model AI analysis focused on OWASP business logic testing (WSTG-BUSL). Each finding was then independently verified against your actual source code.
Finding 1 (highest confidence): Your
/signupendpoint (app/api/routes/auths.py) has no rate limiting or CAPTCHA. An attacker can create unlimited accounts programmatically. We verified there is noLimiter,slowapi, or similar middleware applied.Finding 2: The
/api/configGET endpoint does not require authentication in certain code paths. We traced this throughmain.py.What we suppressed (did NOT report): Our first-pass AI flagged 13 issues. We verified each against your code — 3 were LLM hallucinations (the AI incorrectly claimed endpoints had no auth when they actually use
Depends(get_verified_user)). We caught and removed these false positives before reporting.We're happy to submit a PR adding rate limiting to
/signupand/api/v1/authsendpoints if that would be helpful.— Tauqeer, AutoAI Labs (autoailabs.co.uk)
@Classic298 commented on GitHub (Apr 4, 2026):
Missing rate limits and missing captcha is not a vulnerability.
For both, but especially for the captcha, a discussion is needed. 99.99% of deployments will never need rate limiting and even less so a captcha.
If you host your open webui on the internet you shouldn't enable signups anyways.
A B2C SaaS with email validation and subscriptions as a publicly available service needs rate limiting and captcha. Open WebUI isn't that.
The lack of a feature doesn't constitute a vulnerability.
Read our security policy and report security related findings there and not via issues.
This is spam, wasting time. And an undisclosed shameless ad.
PS: private security reporting is enabled. Open your eyes. Or tell your clanker to read the security.md file
PPS: the config endpoint is supposed to be callable without authentication. Depending on who calls it (not logged in, logged in, admin) different information gets returned. It's needed for the app to function.
These false positive automated "vulnerability" reports in the responsible disclosure and via Issues too, as of late, are getting tiring.