Platform: python
Component: requests
Fixed in: v0.4.0
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Requests utility within significant-gravitas/autogpt versions prior to v0.4.0. This flaw stems from a hostname confusion between urllib.parse and the requests library, allowing attackers to bypass SSRF checks. Affected users should immediately upgrade to version v0.4.0 to mitigate this risk.
The SSRF vulnerability in significant-gravitas/autogpt allows a malicious user to craft a specially designed URL, such as http://localhost:\@google.com/../, to bypass the intended SSRF protection. The backslash before the @ makes the two parsers disagree on where the userinfo ends and the host begins, so the hostname that the check validates is not the hostname the HTTP client ends up connecting to. Successful exploitation enables an attacker to make requests to internal resources that are otherwise inaccessible from the outside. This could include accessing sensitive data stored on internal servers, interacting with internal APIs, or potentially reaching cloud metadata services. The blast radius extends to any internal service reachable from the autogpt instance, posing a significant risk to the confidentiality and integrity of the system.
This vulnerability was publicly disclosed on 2025-03-20. While no public proof-of-concept (PoC) has been widely reported, the SSRF nature of the vulnerability makes it relatively easy to exploit: the payload is a single crafted URL. The EPSS score is low (0.10%, 27th percentile), indicating a low predicted probability of exploitation in the wild despite the ease of exploitation and potential impact. It is not currently listed on the CISA KEV catalog.
Organizations using significant-gravitas/autogpt in environments with internal services or cloud metadata exposure are at risk. Specifically, deployments where autogpt is granted broad network access or interacts with sensitive internal APIs are particularly vulnerable. Shared hosting environments utilizing autogpt also pose a risk, as a compromised autogpt instance could potentially be used to attack other tenants on the same server.
• python / server:
    import re
    from urllib.parse import urlsplit

    # Flags URLs whose authority carries userinfo ("@") or a backslash, the
    # hostname-manipulation pattern behind the CVE-2025-0454 bypass
    # (e.g. http://localhost:\@google.com/../). The regex needs a doubled
    # backslash: r'localhost:\@' only matched a literal "localhost:@" and
    # missed the actual payload.
    def check_request_url(url):
        if re.search(r'localhost:\\@', url):
            return True
        netloc = urlsplit(url).netloc
        if '@' in netloc or '\\' in netloc:
            return True
        return False

    # Example usage
    url = input("Enter the URL: ")
    if check_request_url(url):
        print("Potential SSRF vulnerability detected!")
    else:
        print("URL appears safe.")
• linux / server: journalctl filters for requests to unusual hostnames (e.g., journalctl | grep -F 'localhost:\@'; the -F keeps the backslash literal instead of being interpreted by grep).
• generic web: Check access logs for requests containing localhost:\@ or similar hostname-manipulation patterns (userinfo or backslashes in the authority part of a URL).
Disclosure: 2025-03-20
Exploit status:
EPSS: 0.10% (27th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2025-0454 is to upgrade significant-gravitas/autogpt to version v0.4.0 or later, which contains the fix. If upgrading immediately is not feasible, consider implementing a Web Application Firewall (WAF) or proxy to filter out URLs that carry hostname-manipulation tricks such as a backslash before the @ or any userinfo in the authority part. Additionally, review and restrict the allowed URL schemes and domains that autogpt is permitted to access, and check the addresses a hostname resolves to rather than only the hostname string. Monitor network traffic for unusual outbound requests originating from the autogpt instance.
Upgrade significant-gravitas/autogpt to v0.4.0 or later; this fixes the SSRF vulnerability. Note that the fix is in autogpt's own URL validation, not in the `requests` library: running `pip install --upgrade requests` on its own does not address this issue.
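The hostname confusion described in the impact section above and the scheme/domain restriction recommended in the mitigation, shown together as an added example (this is not code from the autogpt project or from the original page). It shows what urllib.parse reports as the host for the advisory's bypass URL, a hostname-only check of the kind the advisory describes as bypassable, and a hardened validator that rejects ambiguous URLs outright, vets the resolved addresses, and hands the client a URL rebuilt from the validated components. The blocked-hostname list, the `metadata.example` and `intranet.example` names, and the DNS answers in `FAKE_DNS` are constructed so the code runs offline; `resolve` is an injected function standing in for socket.getaddrinfo.

```python
from __future__ import annotations

import ipaddress
from urllib.parse import urlsplit, urlunsplit

# Constructed sample: the bypass URL quoted in the advisory.
BYPASS_URL = "http://localhost:\\@google.com/../"

# Hostnames a server-side fetcher should never be asked to reach (illustrative list).
BLOCKED_HOSTNAMES = {"localhost", "metadata.google.internal"}

# Constructed DNS answers so the example runs offline; these are not real lookups.
FAKE_DNS = {
    "google.com": ["93.184.216.34"],          # any public address works for the demo
    "intranet.example": ["10.0.0.5"],         # RFC 1918
    "metadata.example": ["169.254.169.254"],  # cloud metadata endpoint (link-local)
}


def fake_resolve(host: str) -> list[str]:
    """Stand-in for socket.getaddrinfo; returns the constructed answers above."""
    return FAKE_DNS.get(host, [])


def parsed_hostname(url: str) -> str | None:
    """What urllib.parse reports as the host. Userinfo is split off at the LAST '@',
    so for BYPASS_URL this is 'google.com' although 'localhost' sits in the authority."""
    return urlsplit(url).hostname


def naive_is_safe(url: str) -> bool:
    """Hostname-only check of the kind the advisory describes as bypassable:
    it trusts urllib.parse's view of the authority and never sees 'localhost'."""
    host = parsed_hostname(url)
    return host is not None and host not in BLOCKED_HOSTNAMES


def hardened_validate(url: str, resolve=fake_resolve) -> str:
    """Reject ambiguous URLs outright, then vet every address the host resolves to.

    `resolve` maps a hostname to its IP strings; pass a socket.getaddrinfo wrapper
    in production. Returns a URL rebuilt from the validated components so the HTTP
    client is handed exactly the host that was checked. Raises ValueError otherwise.
    """
    if "\\" in url:
        raise ValueError("backslash in URL")
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if "@" in parts.netloc:
        raise ValueError("userinfo in authority is not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("missing hostname")
    if host in BLOCKED_HOSTNAMES:
        raise ValueError(f"blocked hostname: {host}")
    try:
        addresses = [str(ipaddress.ip_address(host))]  # IP literal: check it directly
    except ValueError:
        addresses = resolve(host)
    if not addresses:
        raise ValueError(f"{host} did not resolve")
    for addr in addresses:
        if not ipaddress.ip_address(addr).is_global:   # loopback, RFC 1918, link-local, ...
            raise ValueError(f"{host} resolves to disallowed address {addr}")
    authority = f"[{host}]" if ":" in host else host   # re-bracket IPv6 literals
    if parts.port:
        authority += f":{parts.port}"
    return urlunsplit((parts.scheme, authority, parts.path or "/", parts.query, ""))


def rejected(url: str) -> str | None:
    """Rejection reason from hardened_validate, or None when the URL is accepted."""
    try:
        hardened_validate(url)
    except ValueError as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    for u in (BYPASS_URL, "http://localhost/", "http://intranet.example/",
              "http://metadata.example/", "https://google.com/path?x=1"):
        print(f"{u!r:42} naive_is_safe={naive_is_safe(u)!s:5} hardened={rejected(u) or 'accepted'}")
```

Rejecting every URL with a backslash or with userinfo in the authority is deliberately blunt: legitimate targets of a server-side fetcher almost never need either, and refusing them removes the whole class of parser-disagreement bypasses rather than chasing individual payloads. Rebuilding the URL from the parsed components means the client receives the same host that was resolved and checked; checking the resolved addresses catches internal names and metadata endpoints that a hostname string comparison would miss.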
CVE-2025-0454 is a Server-Side Request Forgery (SSRF) vulnerability in significant-gravitas/autogpt versions prior to v0.4.0, allowing attackers to bypass SSRF checks and potentially access internal resources.
You are affected if you are using significant-gravitas/autogpt versions prior to v0.4.0. Upgrade to v0.4.0 or later to resolve the vulnerability.
Upgrade significant-gravitas/autogpt to version v0.4.0 or later. Consider implementing WAF rules or restricting URL access as a temporary workaround.
While no widespread exploitation has been confirmed, the ease of exploitation suggests a potential for active campaigns. Continuous monitoring is recommended.
Refer to the significant-gravitas/autogpt project's official repository or website for the latest security advisories and release notes.