CVE-2026-41428
Budibase · Budibase
Budibase contains an authentication bypass vulnerability where unanchored regular expressions allow attackers to access protected endpoints via crafted query strings.
Executive summary
An authentication bypass vulnerability in Budibase allows unauthenticated attackers to access restricted endpoints, posing a severe risk to data confidentiality and integrity.
Vulnerability
The application uses unanchored regular expressions in its middleware to decide whether a request URL is a public endpoint. Because the patterns are not anchored, a match anywhere in the URL, including the query string, is accepted. An attacker can therefore bypass authentication by appending a public endpoint path as a query parameter to a request for a protected endpoint, which the middleware then treats as public.
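The following is an added example, not Budibase code, illustrating the class of check described above: an unanchored "is this a public endpoint" regex tested against the full request URL versus an anchored check that only looks at the parsed pathname. The endpoint paths are hypothetical placeholders, not Budibase endpoints.

```javascript
// Added example, not Budibase code: why an unanchored "is this a public
// endpoint" regex applied to the full request URL can be satisfied by the
// query string, and the anchored, path-only check that closes the gap.
// The paths below are hypothetical placeholders, not Budibase endpoints.

const PUBLIC_PATHS = ["/api/example/public", "/api/example/health"];

// Escape regex metacharacters so the paths are matched literally.
function escapeRegex(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Weak check: no anchors, and tested against the raw URL (path + query).
// Any occurrence of a public path, including inside "?next=...", matches,
// and so do longer paths that merely start with a public path.
const UNANCHORED_RE = new RegExp(PUBLIC_PATHS.map(escapeRegex).join("|"));

function isPublicUnanchored(rawUrl) {
  return UNANCHORED_RE.test(rawUrl);
}

// Hardened check: match only the parsed, dot-segment-resolved pathname,
// anchored at both ends (a trailing slash is tolerated). Anything that does
// not match exactly is treated as protected, i.e. the check fails closed.
const ANCHORED_RE = new RegExp(
  "^(?:" + PUBLIC_PATHS.map(escapeRegex).join("|") + ")/?$"
);

function isPublicAnchored(rawUrl) {
  // The base URL only lets relative request targets parse; it is otherwise unused.
  const { pathname } = new URL(rawUrl, "http://localhost");
  return ANCHORED_RE.test(pathname);
}

// Side-by-side result for one request target.
function compare(rawUrl) {
  return {
    url: rawUrl,
    unanchored: isPublicUnanchored(rawUrl),
    anchored: isPublicAnchored(rawUrl),
  };
}

// Constructed request targets covering the normal cases and the evasions.
const SAMPLE_TARGETS = [
  "/api/example/public",                        // genuinely public
  "/api/admin/users",                           // protected, no trick
  "/api/admin/users?next=/api/example/public",  // public path inside the query string
  "/api/example/public/../admin/users",         // dot segments resolve to a protected path
  "/api/example/publicly-private",              // only a prefix of a public path
];

for (const target of SAMPLE_TARGETS) {
  console.log(compare(target));
}
```

The practical rule this shows: an allowlist of public routes must be tested against the parsed pathname (in a Koa-style app, `ctx.path` rather than `ctx.url`) with a pattern anchored at both ends, so that neither the query string nor a longer path sharing a public prefix can satisfy it.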
Business impact
With a CVSS score of 9.1, this vulnerability is critical as it allows for the complete compromise of administrative and system-level functions. Unauthorized access could lead to the exposure of sensitive platform data, modification of user accounts, or full system takeover, resulting in significant operational disruption and loss of trust.
Remediation
Immediate Action: Upgrade Budibase to version 3.35.4 or later, which contains the corrected regex anchoring logic.
Proactive Monitoring: Review web server access logs for anomalous requests containing suspicious query parameters that mimic internal API paths.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules designed to inspect and filter query strings for unauthorized path traversal or API endpoint manipulation patterns.
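As an added example supporting the log-review step above (not Budibase tooling), the script below scans combined-format access log lines and flags requests whose query string, after URL decoding, embeds an internal API path. The log lines are constructed for the example, and `/api/` as the internal API prefix is an assumption rather than a Budibase-specific value.

```javascript
// Added example, not Budibase tooling: flag access log entries whose query
// string embeds an internal API path, the anomaly the log review step above
// describes. Log lines are constructed; "/api/" as the internal API prefix
// is an assumption, not a Budibase-specific value.

const SAMPLE_LOG = [
  '203.0.113.7 - - [10/May/2026:12:00:01 +0000] "GET /api/example/health HTTP/1.1" 200 17',
  '203.0.113.7 - - [10/May/2026:12:00:02 +0000] "GET /api/admin/users?next=/api/example/public HTTP/1.1" 200 4321',
  '198.51.100.9 - - [10/May/2026:12:00:03 +0000] "POST /api/admin/users?x=%2Fapi%2Fexample%2Fhealth HTTP/1.1" 200 88',
  '198.51.100.9 - - [10/May/2026:12:00:04 +0000] "GET /app/home?page=2 HTTP/1.1" 200 900',
].join("\n");

// Combined log format: client, ident, user, [timestamp], "METHOD target PROTO", status, bytes.
const REQUEST_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) (\S+)" (\d{3}) (\S+)/;
const API_PREFIX = "/api/"; // assumed internal API prefix

// Decode repeatedly (bounded) so double-encoded values are still inspected;
// malformed escapes are left as-is rather than crashing the scan.
function decodeFully(s, maxRounds = 3) {
  let current = s;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(current);
    } catch (e) {
      return current;
    }
    if (next === current) return current;
    current = next;
  }
  return current;
}

// Returns one finding per log line whose decoded query string contains an API path.
function findSuspiciousRequests(logText) {
  const hits = [];
  logText.split("\n").forEach((line, idx) => {
    const m = REQUEST_RE.exec(line);
    if (!m) return; // not a parseable request line
    const ip = m[1], timestamp = m[2], method = m[3], target = m[4], status = Number(m[6]);
    const qIndex = target.indexOf("?");
    if (qIndex === -1) return; // no query string, nothing to inspect
    const path = target.slice(0, qIndex);
    const query = decodeFully(target.slice(qIndex + 1));
    if (!query.includes(API_PREFIX)) return;
    hits.push({ line: idx + 1, ip, timestamp, method, path, query, status });
  });
  return hits;
}

for (const hit of findSuspiciousRequests(SAMPLE_LOG)) {
  console.log(`line ${hit.line}: ${hit.ip} ${hit.method} ${hit.path} status=${hit.status} query=${hit.query}`);
}
```

A hit with a 2xx status on a path that should require authentication is the combination worth escalating; the same logic ports directly to a SIEM query over the request-target field.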
Exploitation status
Public Exploit Available: No
Analyst recommendation
The severity of this authentication bypass cannot be overstated, as it effectively removes the primary security barrier for the platform. Administrators must prioritize the patch application in all production instances of Budibase to prevent unauthorized lateral movement and data exfiltration.