Platform: python
Component: haotian-liu/llava
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Controller API Server of haotian-liu/llava, specifically within the /worker_generate_stream API endpoint. This flaw allows attackers to leverage the server's credentials to initiate unauthorized web requests and access restricted resources. The vulnerability affects versions up to and including v1.2.0 (LLaVA-1.6), and a fix is pending.
The SSRF vulnerability in LLaVA's Controller API Server presents a significant risk. An attacker can exploit it to bypass security controls and reach internal resources that should be protected. This could involve reading sensitive data from internal services, interacting with other systems on the network under the server's identity, or even executing commands on other systems if the server has sufficient privileges. The ability to use the server's credentials for unauthorized web actions significantly expands the attack surface and increases the blast radius of a successful exploitation.
The vulnerability was publicly disclosed on 2025-03-20. There is currently no indication of active exploitation campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog as of this writing. Public proof-of-concept (POC) code is not yet available, but the SSRF nature of the vulnerability makes it likely that a POC will be developed.
Organizations deploying LLaVA for image generation or multimodal AI applications are at risk. Specifically, those running the Controller API Server in environments with limited network segmentation or with overly permissive outbound access policies are particularly vulnerable. Shared hosting environments where the server's outbound access is not tightly controlled also face increased risk.
• python / server:
import urllib3

http = urllib3.PoolManager()
# Probe the controller endpoint. The URL below is a placeholder; replace it with the
# address of the actual controller. The status code only shows how the endpoint answers
# an unauthenticated probe, so pair this check with a review of the server's outbound logs.
response = http.request('GET', 'https://example.com/worker_generate_stream',
                        headers={'User-Agent': 'LLaVA Controller API Server'})
if response.status >= 400:
    print(f"Potential SSRF attempt detected: {response.status}")
• generic web:
curl -I https://your-llava-server.com/worker_generate_stream   # check response headers for unusual redirects or server information disclosure
Exploit status
EPSS: 0.12% (30th percentile)
CISA SSVC
CVSS vector
Because no fixed version is available yet, immediate mitigation focuses on limiting the impact of the vulnerability. Implement strict network segmentation to isolate the Controller API Server from sensitive internal resources. Configure a Web Application Firewall (WAF) to block requests to the /worker_generate_stream endpoint or to filter requests based on allowed domains. Carefully review and restrict the server's outbound network access to only the services it needs. Monitor logs for unusual outbound requests originating from the Controller API Server. After implementing these controls, verify their effectiveness by attempting to trigger the SSRF vulnerability in a controlled environment.
Update the haotian-liu/llava library to a version after v1.2.0 that fixes the SSRF vulnerability. Consult the release notes or changelog for further details on the fix. As a temporary mitigation, restrict access to the /worker_generate_stream API to trusted sources only.
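An added example (not the advisory's own code and not from the LLaVA project) of two of the controls recommended above: an allowlist check a controller can apply to any worker URL before it forwards a request, and a scanner that flags outbound-request log lines whose target falls outside that allowlist. The worker host names, ports, and the log line format are assumptions, and the sample log lines are constructed.

```python
"""Added example, not part of the advisory or the LLaVA project: outbound
URL allowlisting for a controller that forwards requests to model workers,
plus a scanner for outbound-request log lines. Host names, ports and the
log format are assumptions."""
import ipaddress
import re
from urllib.parse import urlsplit

# Assumed deployment: the only worker hosts and ports the controller may contact.
ALLOWED_WORKER_HOSTS = {"worker-1.llava.internal", "worker-2.llava.internal"}
ALLOWED_PORTS = {40000, 40001}
ALLOWED_SCHEMES = {"http", "https"}


def outbound_url_allowed(url, allowed_hosts=ALLOWED_WORKER_HOSTS,
                         allowed_ports=ALLOWED_PORTS):
    """Return (ok, reason). Only an explicit scheme/host/port match passes;
    anything else is refused before any request is made."""
    try:
        parts = urlsplit(url)
    except ValueError as exc:
        return False, f"unparseable url: {exc}"
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parts.scheme!r}"
    if parts.username or parts.password:
        return False, "credentials in url"
    host = parts.hostname
    if not host:
        return False, "missing host"
    # Literal IPs never match a hostname allowlist; refuse them outright so
    # numeric forms of internal services cannot slip past the name check.
    try:
        ipaddress.ip_address(host)
        return False, f"literal ip not allowed: {host}"
    except ValueError:
        pass
    if host.lower() not in {h.lower() for h in allowed_hosts}:
        return False, f"host not in allowlist: {host}"
    try:
        port = parts.port  # raises ValueError for a non-numeric port
    except ValueError:
        return False, "invalid port"
    if port is None:
        port = 443 if parts.scheme == "https" else 80
    if port not in allowed_ports:
        return False, f"port not allowed: {port}"
    return True, "ok"


# Assumed log format: "<timestamp> outbound method=<M> url=<URL> status=<code>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) outbound method=(?P<method>\S+) url=(?P<url>\S+) status=(?P<status>\d+)"
)


def flag_unexpected_outbound(log_lines, allowed_hosts=ALLOWED_WORKER_HOSTS,
                             allowed_ports=ALLOWED_PORTS):
    """Return [(timestamp, url, reason)] for outbound-request log lines whose
    target fails the allowlist check. Lines in another format are skipped."""
    flagged = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ok, reason = outbound_url_allowed(m["url"], allowed_hosts, allowed_ports)
        if not ok:
            flagged.append((m["ts"], m["url"], reason))
    return flagged


# Constructed sample log lines (not from a real deployment).
SAMPLE_LOG = [
    "2025-03-21T10:00:01Z outbound method=POST url=http://worker-1.llava.internal:40000/worker_generate_stream status=200",
    "2025-03-21T10:00:02Z outbound method=POST url=http://10.0.0.5/worker_generate_stream status=200",
    "2025-03-21T10:00:03Z outbound method=POST url=http://worker-2.llava.internal:40001/worker_generate_stream status=200",
    "2025-03-21T10:00:04Z outbound method=POST url=http://worker-1.llava.internal:8080/worker_generate_stream status=200",
    "2025-03-21T10:00:05Z outbound method=POST url=http://example.com/worker_generate_stream status=404",
    "2025-03-21T10:00:06Z controller registered worker count=2",
]

if __name__ == "__main__":
    for ts, url, reason in flag_unexpected_outbound(SAMPLE_LOG):
        print(f"{ts} {url} -> {reason}")
```

The allowlist is deliberately a set of explicit host names rather than a denylist of private ranges: the workers a controller legitimately talks to usually live on the internal network, so blocking RFC 1918 space would break the deployment while still leaving other internal names reachable. Running the block over the constructed log flags the literal-IP target, the off-port request to a known worker, and the external host.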
CVE-2024-9309 is a critical SSRF vulnerability in the haotian-liu/llava Controller API Server, allowing attackers to exploit server credentials for unauthorized web actions.
If you are running LLaVA versions up to and including v1.2.0 (LLaVA-1.6) and have not implemented mitigating controls, you are potentially affected.
A patched version is pending. Until then, implement network segmentation, WAF rules, and restrict server credentials to mitigate the risk.
While no active exploitation has been publicly confirmed, the high severity score suggests a potential for exploitation if left unaddressed.
Refer to the haotian-liu/llava project's official repository and communication channels for updates and advisories regarding CVE-2024-9309.