Platform: python
Component: llamafactory
Fixed in: 0.9.5, 0.9.4
CVE-2025-61784 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in the llamafactory chat API. This vulnerability allows authenticated users to force the server to make arbitrary HTTP requests, potentially exposing sensitive internal services and enabling Local File Inclusion (LFI). The vulnerability impacts versions of llamafactory up to and including 0.9.3, and a fix is available in version 0.9.4.
The SSRF vulnerability in llamafactory allows an attacker, once authenticated, to craft malicious requests that the server will execute on their behalf. This can be leveraged to scan the internal network for exposed services, interact with third-party APIs without proper authorization, or even attempt to access sensitive data stored within the internal network. The LFI component amplifies the impact, allowing attackers to read arbitrary files from the server's filesystem, potentially including configuration files, source code, or other sensitive information. A successful exploitation could lead to significant data breaches, system compromise, and lateral movement within the network.
CVE-2025-61784 was publicly disclosed on 2025-10-07. The vulnerability's SSRF nature shares similarities with other SSRF vulnerabilities that have been exploited in the past, allowing for reconnaissance and potential data exfiltration. The presence of an LFI component adds another layer of risk. The EPSS score is pending evaluation, but the combination of SSRF and LFI suggests a potential for medium to high exploitation probability. No public proof-of-concept exploits have been identified as of the disclosure date.
Organizations deploying llamafactory in production environments, particularly those with internal services accessible via HTTP or HTTPS, are at risk. Environments with weak authentication or inadequate network segmentation are especially vulnerable. Shared hosting environments where multiple users share the same llamafactory instance are also at increased risk.
• python / server:
    import requests
    import urllib.parse

    def check_ssrf(url):
        """Probe a URL from the llamafactory host to see whether a request made
        by the service could reach it. Run this on the server itself against
        internal destinations you expect to be blocked."""
        parsed_url = urllib.parse.urlparse(url)
        if parsed_url.scheme not in ('http', 'https'):
            print(f"Invalid URL scheme: {url}")
            return
        try:
            response = requests.get(url, timeout=5)
        except requests.exceptions.RequestException as e:
            # No response at all: the destination is not reachable from this host.
            print(f"Not reachable from server: {url} ({e})")
            return
        # Any HTTP response means the service can reach this destination,
        # which is exactly what a forged request would exploit.
        print(f"Reachable from server (SSRF exposure): {url} - Status Code: {response.status_code}")

    # Example usage (replace with the internal destinations you want to confirm are blocked)
    check_ssrf("http://localhost:8080")
    check_ssrf("http://169.254.169.254/latest/meta-data/")
• generic web:
    curl -I 'http://your-llamafactory-server/api/chat?message=http://internal-service/'
• linux / server:
    journalctl -u llamafactory -f | grep -i "request:"
Disclosure:
Exploit status:
EPSS: 0.06% (18th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2025-61784 is to upgrade to llamafactory version 0.9.4 or later, which includes the necessary fix. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting outbound network access for the llamafactory service to only trusted destinations. Implement strict authentication and authorization controls to limit the number of authenticated users with access to the chat API. Monitor network traffic for unusual outbound requests originating from the llamafactory service. Review and harden the server's filesystem permissions to minimize the impact of a potential LFI attack. After upgrade, confirm by verifying the version number and testing the chat API functionality to ensure the vulnerability is no longer present.
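As an added defensive example (not code from the llamafactory project), the following validator enforces the outbound-destination restriction described above on a user-supplied URL before the service fetches it: it rejects non-HTTP schemes, embedded credentials, hosts outside an allowlist, and any host that is, or resolves to, a non-public address. The allowlist entry, the `.invalid` hostname and the injectable resolver are assumptions for illustration.

```python
import ipaddress
import socket
import urllib.parse

# Hypothetical allowlist of external hosts the chat API may fetch from.
ALLOWED_HOSTS = {"api.example-model-provider.invalid"}

def resolve_host(host):
    """DNS lookup: the set of addresses a hostname maps to (injectable for tests)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def validate_outbound_url(url, allowed_hosts=ALLOWED_HOSTS, resolve=resolve_host):
    """Return (True, addresses) if the URL may be fetched, else (False, reason).

    Rejects non-HTTP schemes (so file:// cannot be used for LFI), embedded
    credentials, hosts outside the allowlist, and any host that is, or resolves
    to, a non-public address (loopback, RFC 1918, link-local such as
    169.254.169.254). Connect to the returned addresses rather than re-resolving
    the hostname, so a second lookup cannot rebind to an internal address.
    """
    try:
        parsed = urllib.parse.urlsplit(url)
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parsed.scheme not in ("http", "https"):
        return False, f"scheme not allowed: {parsed.scheme!r}"
    host = parsed.hostname
    if not host:
        return False, "missing host"
    if parsed.username is not None or parsed.password is not None:
        return False, "credentials embedded in URL"
    if host not in allowed_hosts:
        return False, f"host not in allowlist: {host}"
    try:
        addresses = {ipaddress.ip_address(host)}  # IP literal: no lookup needed
    except ValueError:
        try:
            addresses = {ipaddress.ip_address(a) for a in resolve(host)}
        except (OSError, ValueError) as exc:
            return False, f"could not resolve {host}: {exc}"
    for addr in addresses:
        if not addr.is_global:
            return False, f"{host} maps to non-public address {addr}"
    return True, sorted(str(a) for a in addresses)

if __name__ == "__main__":
    # Constructed inputs; the fake resolver keeps the demo offline.
    print(validate_outbound_url("http://169.254.169.254/latest/meta-data/"))
    print(validate_outbound_url("https://api.example-model-provider.invalid/v1",
                                resolve=lambda host: {"93.184.216.34"}))
```

Pair the check with the outbound firewall rule the paragraph above recommends: the validator stops the request at the application layer, the network rule catches anything that slips past it.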
Upgrade LLaMA-Factory to version 0.9.4 or later. This fixes the SSRF and LFI vulnerabilities in the chat API. The upgrade can be performed with the Python package manager, such as pip.
CVE-2025-61784 is a Server-Side Request Forgery vulnerability in llamafactory versions up to 0.9.3, allowing attackers to make arbitrary HTTP requests and potentially access internal resources.
You are affected if you are using llamafactory versions 0.9.3 or earlier. Upgrade to version 0.9.4 or later to mitigate the vulnerability.
Upgrade to llamafactory version 0.9.4 or later. As a temporary workaround, restrict network access and implement input validation.
There is currently no confirmed evidence of active exploitation, but the vulnerability's public disclosure increases the risk of future attacks.
Refer to the llamafactory project's official website or GitHub repository for the latest security advisories and updates.