Tags: vulnerability, high, Credential Disclosure, Improper Authentication, Server-Side Request Forgery

Mar 27, 2026 • Joshua Martinelle

Botpress - Credential Disclosure via Twilio Webhook Handler


Source: Tenable Research Advisories
Category: vulnerability
Severity: high

Executive Summary

A critical vulnerability has been identified in Botpress's Twilio integration webhook handler, allowing unauthorized credential disclosure. The flaw stems from the handler accepting arbitrary POST requests without validating Twilio's 'X-Twilio-Signature'. When processing media messages, the system fetches user-controlled URLs specified in 'MediaUrlN' parameters, inadvertently transmitting Twilio credentials ('accountSID' and 'authToken') within the 'Authorization' header. Attackers can exploit this by forging webhook payloads directed to controlled servers, capturing credentials in plaintext base64-encoded Basic Auth. This compromise grants full control over the victim's Twilio account, enabling potential abuse of communication services and financial loss. Immediate mitigation requires implementing strict signature validation for incoming webhook requests and ensuring sensitive credentials are not transmitted during outbound requests to user-controlled destinations. Organizations using Botpress should patch this integration immediately to prevent unauthorized access and safeguard telecommunication infrastructure against credential harvesting attacks targeting cloud integrations.

Summary

The Twilio integration webhook handler accepts any POST request without validating Twilio's 'X-Twilio-Signature'. When processing media messages, it fetches user-controlled URLs ('MediaUrlN' parameters) using HTTP requests that include the integration's Twilio credentials in the 'Authorization' header. An attacker can forge a webhook payload pointing to their own server and receive the victim's 'accountSID' and 'authToken' in plaintext (base64-encoded Basic Auth), leading to full compromise of the Twilio account.

Joshua Martinelle, Fri, 03/27/2026 - 10:01
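As an added illustration of the two mitigations named in the Executive Summary and the Summary above (example code, not Botpress's own handler): verifying 'X-Twilio-Signature' with Twilio's documented HMAC-SHA1 scheme before acting on a POST, and attaching the account credentials only to media fetches whose destination is a trusted Twilio host. TRUSTED_MEDIA_HOSTS, the function names and all sample values are assumptions.

```python
import base64
import hashlib
import hmac
from urllib.parse import urlparse

# Assumption: only Twilio-hosted media may be fetched with the account
# credentials attached; a user-supplied MediaUrlN to any other host gets none.
TRUSTED_MEDIA_HOSTS = {"api.twilio.com"}


def compute_twilio_signature(auth_token: str, url: str, params: dict) -> str:
    """Twilio's documented scheme: HMAC-SHA1, keyed with the auth token, over the
    request URL followed by every POST parameter sorted by key (key and value
    concatenated), base64-encoded."""
    payload = url + "".join(k + v for k, v in sorted(params.items()))
    digest = hmac.new(auth_token.encode(), payload.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def is_authentic_webhook(auth_token, url, params, headers) -> bool:
    """Reject any POST whose X-Twilio-Signature does not match; the comparison is
    constant-time so the check itself does not leak the expected value."""
    presented = headers.get("X-Twilio-Signature", "")
    expected = compute_twilio_signature(auth_token, url, params)
    return hmac.compare_digest(presented.encode(), expected.encode())


def media_fetch_headers(media_url, account_sid, auth_token) -> dict:
    """Attach Basic Auth only for HTTPS URLs on a trusted host, so a forged
    MediaUrlN cannot redirect the credentials to an arbitrary server."""
    parsed = urlparse(media_url)
    if parsed.scheme != "https" or parsed.hostname not in TRUSTED_MEDIA_HOSTS:
        return {}
    token = base64.b64encode(f"{account_sid}:{auth_token}".encode()).decode()
    return {"Authorization": f"Basic {token}"}


def handle_webhook(auth_token, account_sid, url, params, headers):
    """Return the (media_url, headers) fetches a hardened handler would make for
    this POST, or None when the signature check rejects the request."""
    if not is_authentic_webhook(auth_token, url, params, headers):
        return None
    fetches = []
    for i in range(int(params.get("NumMedia", "0"))):
        media_url = params[f"MediaUrl{i}"]
        fetches.append((media_url, media_fetch_headers(media_url, account_sid, auth_token)))
    return fetches
```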
