CVE-2024-12766 Information

Description

parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the POST /api/proxy REST API. Attackers can exploit this vulnerability to abuse the victim server's credentials to access unauthorized web resources by specifying the JSON parameter {"rl":"http://steal.target"}. Existing security mechanisms such as forbid_remote_access(lollmsElfServer), lollmsElfServer.config.headless_server_mode and check_access(lollmsElfServer, request.client_id) do not protect against this vulnerability.
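The checks the advisory names (remote-access forbidding, headless mode, client-id access control) all gate who may call the endpoint; none of them constrains where the server is then asked to connect, which is why they do not stop the SSRF. The added example below, which is not code from lollms-webui and does not reproduce its /api/proxy handler, shows the missing control: validating a caller-supplied target URL before a server-side fetch. The JSON field name, the hypothetical host names and the injectable resolver are assumptions made for illustration; the check rejects non-web schemes, embedded credentials, hosts outside an optional allowlist, and any host that resolves to a loopback, private, link-local (including the 169.254.169.254 cloud metadata range), multicast, reserved or unspecified address, with IPv4-mapped IPv6 literals unwrapped first.

```python
"""Added example (not code from lollms-webui): target validation for a
server-side proxy endpoint such as POST /api/proxy.

Assumptions (hypothetical, not from the advisory): the endpoint receives a
URL in its JSON body and this check runs before the server fetches it. The
resolver is injectable so the logic can be exercised without network access.
"""
import ipaddress
import socket
from typing import Callable, Iterable, List, Optional
from urllib.parse import urlsplit

# Only plain web schemes; file://, gopher://, ftp:// and friends are rejected.
ALLOWED_SCHEMES = {"http", "https"}


def default_resolver(host: str) -> List[str]:
    """Resolve host to the IP addresses the server would actually connect to."""
    infos = socket.getaddrinfo(host, None)
    return [info[4][0] for info in infos]


def is_internal_address(ip: str) -> bool:
    """True for addresses an outbound proxy must never reach: loopback,
    RFC 1918 / ULA private, link-local (covers 169.254.169.254 metadata),
    multicast, reserved and unspecified."""
    addr = ipaddress.ip_address(ip)
    # An IPv4-mapped IPv6 literal (::ffff:10.0.0.1) is judged by its IPv4 form.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def validate_proxy_target(url: str,
                          allowed_hosts: Optional[Iterable[str]] = None,
                          resolver: Callable[[str], List[str]] = default_resolver) -> str:
    """Return url if it is safe to fetch server-side, else raise ValueError.

    Order of checks: scheme allowlist, host present, no embedded credentials,
    optional host allowlist, then every resolved address must be public.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname  # urlsplit strips the [] around IPv6 literals
    if not host:
        raise ValueError("missing host")
    if parts.username or parts.password:
        raise ValueError("credentials in URL are not allowed")
    if allowed_hosts is not None and host.lower() not in {h.lower() for h in allowed_hosts}:
        raise ValueError(f"host not in allowlist: {host!r}")
    # Literal IPs are checked directly; names go through the resolver so a
    # DNS name that points at an internal address is caught as well.
    try:
        addresses = [str(ipaddress.ip_address(host))]
    except ValueError:
        try:
            addresses = resolver(host)
        except OSError as exc:
            raise ValueError(f"cannot resolve host {host!r}: {exc}") from exc
    if not addresses:
        raise ValueError(f"host {host!r} resolved to no addresses")
    for ip in addresses:
        if is_internal_address(ip):
            raise ValueError(f"host {host!r} resolves to internal address {ip}")
    return url


def is_safe_target(url: str,
                   allowed_hosts: Optional[Iterable[str]] = None,
                   resolver: Callable[[str], List[str]] = default_resolver) -> bool:
    """Boolean wrapper around validate_proxy_target for callers that only
    need a yes/no answer (and for the assertions below)."""
    try:
        validate_proxy_target(url, allowed_hosts, resolver)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs; the fake resolver stands in for DNS.
    fake_dns = {"public.example": ["93.184.216.34"], "rebind.example": ["127.0.0.1"]}
    for candidate in ("http://public.example/data",
                      "http://rebind.example/",
                      "http://169.254.169.254/latest/meta-data/",
                      "file:///etc/passwd"):
        print(candidate, "->", is_safe_target(candidate, resolver=fake_dns.__getitem__))
```

Two practical notes: a resolve-then-connect check is still open to DNS rebinding (the name answers with a public address during validation and an internal one when the HTTP client connects), so the fetch should pin the validated address, for example by connecting to the IP and passing the original name in the Host header or SNI; and the proxy must also validate every redirect target, since a public host can 302 to an internal one.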

Reference

https://huntr.com/bounties/a143a2e2-1293-4dec-b875-3312584bd2b1