Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint `options/set` is exposed without `AuthRequired: true`, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and prior to version 1.73.5, an unauthenticated attacker can set `rc.NoAuth=true`, which disables the authorization gate for many RC methods registered with `AuthRequired: true` on reachable RC servers that are started without global HTTP authentication. This can lead to unauthorized access to sensitive administrative functionality, including configuration and operational RC methods. Version 1.73.5 patches the issue.

N/A

关键功能的认证机制缺失

Rclone 访问控制错误漏洞

Rclone是Rclone团队的一个可以从云存储异步同步数据的软件。该软件支持 Google Drive, Amazon Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Cloudfiles, Google Cloud Storage, Yandex Files等云存储。 Rclone 1.45.0版本至1.73.5之前版本存在访问控制错误漏洞，该漏洞源于RC端点options/set未设置AuthRequired，可能导致未经身份验证

N/A

N/A