lollms-webui
CVE-2024-12766 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in parisneo's lollms-webui, specifically within the /api/proxy REST API. This flaw allows attackers to use the server's network position and credentials to reach internal or external resources they could not otherwise access. The vulnerability affects versions of lollms-webui up to the latest release (V13, feather) and requires immediate attention.
The SSRF vulnerability in lollms-webui allows an attacker to craft malicious requests through the /api/proxy endpoint. By manipulating the url parameter within a POST request (e.g., {"url":"http://steal.target"}), an attacker can force the server to make requests to arbitrary internal or external URLs. This can lead to the exposure of sensitive data, unauthorized access to internal services, and potentially even the execution of malicious code on systems accessible from the lollms-webui server. The impact is amplified if the server has access to privileged credentials or is part of a larger, interconnected network, enabling lateral movement and a wider blast radius.
CVE-2024-12766 was publicly disclosed on 2025-03-20. There is currently no indication of active exploitation or listing on KEV. The EPSS score is pending evaluation. Public proof-of-concept (PoC) code is not yet available, but the vulnerability's nature makes it likely that PoCs will emerge. Monitor security advisories and vulnerability databases for updates.
Organizations deploying lollms-webui, particularly those exposing it to untrusted networks or using it to proxy requests to internal services, are at risk. Shared hosting environments where multiple users share the same server instance are also vulnerable, as an attacker could potentially exploit the vulnerability through another user's account.
• python / server:
    import json
    import requests

    # Replace with the address of the lollms-webui instance you operate.
    url = 'http://your_lollms_webui_ip/api/proxy'
    headers = {'Content-Type': 'application/json'}
    # Controlled, non-harmful test URL on the server's own loopback interface.
    data = json.dumps({'url': 'http://127.0.0.1:8080'})
    # A timeout keeps the check from hanging if the proxy endpoint stalls.
    response = requests.post(url, headers=headers, data=data, timeout=10)
    if response.status_code == 200:
        print("Potential SSRF detected. Review response content.")
        print(response.text)
    else:
        print("Request failed.")
• generic web:
    curl -v -X POST 'http://your_lollms_webui_ip/api/proxy' -H 'Content-Type: application/json' -d '{"url":"http://127.0.0.1:8080"}'
• linux / server:
    journalctl -u lollms-webui -f | grep "proxy request"   # Look for suspicious URLs in logs

Disclosure
Exploit status
EPSS: 0.12% (32nd percentile)
CISA SSVC
CVSS vector
While a direct patch for CVE-2024-12766 is pending, several mitigation strategies can reduce the risk. The most effective is to restrict outbound network access from the lollms-webui server, limiting its ability to make requests to external resources. Implement strict URL validation on the /api/proxy endpoint, rejecting requests with invalid or suspicious URLs. Consider using a Web Application Firewall (WAF) to filter malicious requests and block SSRF attempts. Regularly review and update the server's configuration, ensuring that security mechanisms like forbidremoteaccess and check_access are properly configured and enforced. After implementing these workarounds, verify their effectiveness by attempting to trigger the SSRF vulnerability with a controlled, non-harmful URL.
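The "strict URL validation on the /api/proxy endpoint" recommended above can be made concrete as a resolver-aware allowlist check. The following is an added example written for this page, not code from lollms-webui; the function names, the injectable resolver and the constructed test addresses are assumptions for illustration. It rejects non-HTTP schemes, embedded credentials and any host that resolves to a loopback, private, link-local, multicast, reserved or unspecified address, including IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1.

```python
"""Added example (not lollms-webui's own code): outbound URL validation of
the kind a proxy endpoint such as /api/proxy needs before fetching anything
on a client's behalf. Names here are hypothetical."""
import ipaddress
import socket
from urllib.parse import urlsplit

# Only plain web fetches are expected through the proxy.
ALLOWED_SCHEMES = {"http", "https"}


def _default_resolver(host):
    """Resolve a hostname to the set of IP strings it currently maps to."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}


def _is_public_ip(ip_str):
    """True only for globally routable unicast addresses."""
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        return False
    # IPv4-mapped IPv6 (::ffff:127.0.0.1) must be judged by its IPv4 part.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    blocked = (ip.is_loopback or ip.is_private or ip.is_link_local
               or ip.is_multicast or ip.is_reserved or ip.is_unspecified)
    # is_global additionally excludes shared address space (100.64.0.0/10).
    return ip.is_global and not blocked


def validate_proxy_url(url, resolver=_default_resolver):
    """Return (ok, reason, pinned_ip).

    pinned_ip is the address the caller should actually connect to, so a
    hostname cannot be re-resolved to an internal address between this
    check and the real request (DNS rebinding). Every address the name
    maps to must be public; one internal answer rejects the whole URL."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "unparseable URL", None
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parts.scheme!r}", None
    if parts.username or parts.password:
        return False, "credentials in URL not allowed", None
    host = parts.hostname
    if not host:
        return False, "missing host", None
    # Literal IP: judge it directly. Hostname: judge every address it maps to.
    try:
        ipaddress.ip_address(host)
        addresses = {host}
    except ValueError:
        try:
            addresses = resolver(host)
        except OSError:
            return False, f"cannot resolve {host!r}", None
        if not addresses:
            return False, f"no addresses for {host!r}", None
    for addr in addresses:
        if not _is_public_ip(addr):
            return False, f"{host!r} maps to non-public address {addr}", None
    return True, "ok", sorted(addresses)[0]


if __name__ == "__main__":
    # Constructed sample inputs; no network access is needed for literal IPs.
    for candidate in ("http://127.0.0.1:8080", "http://[::1]/",
                      "http://169.254.169.254/latest/", "file:///etc/passwd",
                      "https://93.184.216.34/"):
        print(candidate, "->", validate_proxy_url(candidate))
```

The check returns the resolved address so the proxy can open its connection to that IP (sending the original hostname in the Host header and TLS SNI) instead of resolving the name a second time; without that pinning, a name that passes validation can be re-pointed at an internal address before the fetch. Redirect responses from the upstream must be passed through the same check before being followed, since a public host can otherwise bounce the proxy to an internal URL.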
Update the lollms-webui library to the latest available version. This should include the fix for the SSRF vulnerability. Consult the release notes for more details on the update and any additional mitigations.
CVE-2024-12766 is a Server-Side Request Forgery (SSRF) vulnerability in the /api/proxy endpoint of lollms-webui versions up to the latest, allowing attackers to make requests on behalf of the server.
If you are running lollms-webui version V13 (feather) or earlier, you are potentially affected by this SSRF vulnerability.
A direct patch is pending. Mitigate by restricting outbound network access, validating URLs, and using a WAF.
There is currently no confirmed evidence of active exploitation, but the vulnerability's nature makes it a potential target.
Refer to the parisneo/lollms-webui repository and relevant security forums for updates and advisories.