Platform
nodejs
Component
fastgpt
Fixed in
4.14.10
CVE-2026-34162 describes a critical Server-Side Request Forgery (SSRF) vulnerability in FastGPT, an AI agent building platform. The flaw lets an attacker use the platform as an HTTP proxy and issue requests from the server's network position, potentially exposing internal data or services. It affects FastGPT versions prior to 4.14.9.5; a patch has been released in version 4.14.9.5.
The HTTP tools testing endpoint (/api/core/app/httpTools/runTool) accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers and body, and forwards the resulting request from the server. Because it acts as a full HTTP proxy and requires no authentication, anyone who can reach it can scan internal networks, call internal APIs, read the responses and potentially exfiltrate data. The usual targets for an SSRF of this kind are databases and admin interfaces bound to localhost, configuration or health endpoints, and, in cloud deployments, the instance metadata service. The missing authentication means no account on the platform is needed, which makes exploitation straightforward.
This vulnerability was publicly disclosed on 2026-03-31. No public Proof-of-Concept (PoC) exploit was known at the time of writing, but the request shape is simple enough that one is likely to appear. The CVSS score of 10 (CRITICAL) reflects maximum severity, not likelihood of exploitation; the EPSS estimate on this page (0.15%, 36th percentile) is the probability measure, and it is currently low. The CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
Organizations that deploy FastGPT with internal services reachable over HTTP from the FastGPT host are at significant risk. This includes teams using FastGPT for internal AI agent development or integrating it with other internal systems. Shared hosting environments where FastGPT runs alongside other applications are particularly exposed, because the SSRF can reach resources belonging to other tenants on the same network.
• nodejs / server:
ps aux | grep fastgpt
journalctl -u fastgpt | grep '/api/core/app/httpTools/runTool'
• generic web:
# Probe the endpoint with a loopback target. On an unpatched instance the
# request is proxied and a response from the internal service comes back;
# a patched instance should reject it (authentication error or refused target).
# The JSON field names follow the parameters named in this advisory (baseUrl,
# toolPath, method); confirm the exact request schema against the FastGPT source.
curl -s -X POST '<fastgpt_server>/api/core/app/httpTools/runTool' \
  -H 'Content-Type: application/json' \
  -d '{"baseUrl":"http://127.0.0.1:8080","toolPath":"/","method":"GET"}'
# Check for unexpected responses or internal resource access
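The grep above only shows that the endpoint was called. The following is an added example (not from this advisory or from FastGPT) of detection logic a practitioner could run over the reverse-proxy access log in front of FastGPT: it flags every source that hit the runTool endpoint, how many of those calls were proxied successfully (2xx), and whether the call rate looks like an internal network scan. The log lines are constructed in nginx/Apache combined format, and the function names (parseLine, analyseRunToolTraffic) and the burst threshold are this example's own choices.

```javascript
// Added example, not FastGPT project code. Flags access-log traffic to the
// SSRF-prone HTTP tools test endpoint and looks for scan-like bursts.
const RUNTOOL_PATH = "/api/core/app/httpTools/runTool";

// Constructed sample lines (combined log format); 203.0.113.7 behaves like a
// scanner, 192.0.2.9 is a single rejected probe, 198.51.100.4 is unrelated.
const SAMPLE_LOG = [
  '203.0.113.7 - - [31/Mar/2026:10:00:01 +0000] "POST /api/core/app/httpTools/runTool HTTP/1.1" 200 512 "-" "python-requests/2.31"',
  '203.0.113.7 - - [31/Mar/2026:10:00:02 +0000] "POST /api/core/app/httpTools/runTool HTTP/1.1" 200 497 "-" "python-requests/2.31"',
  '203.0.113.7 - - [31/Mar/2026:10:00:03 +0000] "POST /api/core/app/httpTools/runTool HTTP/1.1" 200 602 "-" "python-requests/2.31"',
  '198.51.100.4 - - [31/Mar/2026:10:00:04 +0000] "GET /api/core/app/list HTTP/1.1" 200 1543 "-" "Mozilla/5.0"',
  '203.0.113.7 - - [31/Mar/2026:10:00:05 +0000] "POST /api/core/app/httpTools/runTool HTTP/1.1" 200 88 "-" "python-requests/2.31"',
  '203.0.113.7 - - [31/Mar/2026:10:00:06 +0000] "POST /api/core/app/httpTools/runTool HTTP/1.1" 200 410 "-" "python-requests/2.31"',
  '192.0.2.9 - - [31/Mar/2026:11:15:00 +0000] "POST /api/core/app/httpTools/runTool?x=1 HTTP/1.1" 401 31 "-" "curl/8.5.0"',
];

// ip - - [time] "METHOD PATH PROTO" STATUS BYTES ...
const LINE_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)/;
const MONTHS = { Jan: 0, Feb: 1, Mar: 2, Apr: 3, May: 4, Jun: 5, Jul: 6, Aug: 7, Sep: 8, Oct: 9, Nov: 10, Dec: 11 };

// "31/Mar/2026:10:00:01 +0000" -> epoch milliseconds (UTC), honouring the offset.
function parseApacheTime(s) {
  const m = /^(\d{2})\/(\w{3})\/(\d{4}):(\d{2}):(\d{2}):(\d{2}) ([+-])(\d{2})(\d{2})$/.exec(s);
  if (!m) return NaN;
  const [, d, mon, y, hh, mm, ss, sign, offH, offM] = m;
  const offsetMs = (sign === "-" ? -1 : 1) * (Number(offH) * 60 + Number(offM)) * 60_000;
  return Date.UTC(Number(y), MONTHS[mon], Number(d), Number(hh), Number(mm), Number(ss)) - offsetMs;
}

function parseLine(line) {
  const m = LINE_RE.exec(line);
  if (!m) return null;
  return {
    ip: m[1],
    ts: parseApacheTime(m[2]),
    method: m[3],
    path: m[4].split("?")[0], // ignore query strings when matching the route
    status: Number(m[5]),
  };
}

// One finding per source IP that touched the endpoint:
//   hits       - total requests to RUNTOOL_PATH
//   succeeded  - requests answered 2xx (i.e. the proxy call went through)
//   burst      - at least `burstCount` hits inside any `burstWindowMs` window,
//                the signature of someone walking internal hosts/ports
function analyseRunToolTraffic(lines, { burstCount = 5, burstWindowMs = 60_000 } = {}) {
  const bySource = new Map();
  for (const line of lines) {
    const e = parseLine(line);
    if (!e || e.path !== RUNTOOL_PATH) continue;
    if (!bySource.has(e.ip)) bySource.set(e.ip, { hits: 0, succeeded: 0, timestamps: [] });
    const s = bySource.get(e.ip);
    s.hits += 1;
    if (e.status >= 200 && e.status < 300) s.succeeded += 1;
    s.timestamps.push(e.ts);
  }
  const findings = [];
  for (const [ip, s] of bySource) {
    const ts = s.timestamps.sort((a, b) => a - b);
    let burst = false;
    for (let i = 0; i + burstCount - 1 < ts.length; i += 1) {
      if (ts[i + burstCount - 1] - ts[i] <= burstWindowMs) { burst = true; break; }
    }
    findings.push({ ip, hits: s.hits, succeeded: s.succeeded, burst });
  }
  return findings;
}

console.log(JSON.stringify(analyseRunToolTraffic(SAMPLE_LOG), null, 2));
```

Feed it the real access log (one line per array element) and treat any source with burst: true, or with succeeded > 0 on an instance that has not been upgraded, as an incident to investigate; a single 401 from an internal address is the expected shape of your own verification probe.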
Exploit status
EPSS
0.15% (36th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-34162 is to upgrade FastGPT to version 4.14.9.5 or later immediately. If upgrading is not immediately feasible, block the vulnerable endpoint (/api/core/app/httpTools/runTool) at a Web Application Firewall or reverse proxy, or restrict it to authenticated sessions. Independently of the patch, restrict outbound (egress) network access from the FastGPT host to the destinations its tools actually need, so that a proxied request cannot reach internal services or the cloud metadata address even if another endpoint is later found to forward requests. Monitor the endpoint's access logs and the host's outbound connections for requests to internal addresses. After upgrading, confirm the fix by attempting to reach an internal resource through the HTTP tools testing endpoint and verifying that the request is rejected.
Update FastGPT to version 4.14.9.5 or later. This version fixes the unauthenticated SSRF vulnerability in the endpoint /api/core/app/httpTools/runTool, which allowed the theft of internal API keys.
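The patch is the fix, but a server-side fetcher that forwards user-supplied URLs needs a destination check regardless of which endpoint exposes it. The block below is an added example, written for this page and not taken from FastGPT, of the egress check described in the mitigation above: it parses the attacker-controlled baseUrl with the WHATWG URL parser (which normalises obfuscated forms such as 2130706433, 0x7f000001 or 0177.0.0.1 to 127.0.0.1), refuses non-HTTP schemes and embedded credentials, and rejects any target that resolves into loopback, private, link-local (including the 169.254.169.254 metadata address), carrier-grade NAT or IPv4-mapped IPv6 space. The function and constant names (isSafeBaseUrl, isDeniedIp, DENIED_V4) are this example's own; it takes the already-resolved addresses as an argument so it runs offline, and the caller is expected to connect to the pinned address it returns rather than resolving the hostname a second time.

```javascript
// Added example, not FastGPT project code: destination validation for a
// proxying endpoint that would otherwise forward a user-supplied baseUrl.

// IPv4 ranges a server-side fetcher must never be pointed at: [base, prefix bits].
const DENIED_V4 = [
  ["0.0.0.0", 8],      // "this" network
  ["10.0.0.0", 8],     // RFC 1918
  ["100.64.0.0", 10],  // carrier-grade NAT
  ["127.0.0.0", 8],    // loopback
  ["169.254.0.0", 16], // link-local, includes cloud metadata 169.254.169.254
  ["172.16.0.0", 12],  // RFC 1918
  ["192.168.0.0", 16], // RFC 1918
];

const V4_RE = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
// 4 for a dotted-quad literal, 6 for a colon-separated literal, 0 otherwise.
function ipKind(s) {
  if (V4_RE.test(s) && s.split(".").every((o) => Number(o) <= 255)) return 4;
  if (s.includes(":") && /^[0-9a-f:.]+$/i.test(s)) return 6;
  return 0;
}

function v4ToInt(ip) {
  return ip.split(".").reduce((acc, o) => (acc << 8) | Number(o), 0) >>> 0;
}

function inV4Range(ip, [base, bits]) {
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return (v4ToInt(ip) & mask) === (v4ToInt(base) & mask);
}

// Expand an IPv6 literal into 8 numeric hextets; an embedded dotted IPv4
// tail ("::ffff:127.0.0.1") is folded into the last two hextets.
function v6Hextets(ip) {
  const pieces = (s) => (s ? s.split(":").flatMap((p) => (p.includes(".")
    ? [(v4ToInt(p) >>> 16) & 0xffff, v4ToInt(p) & 0xffff]
    : [parseInt(p, 16)])) : []);
  const [head, tail = ""] = ip.split("::");
  const h = pieces(head), t = pieces(tail);
  return [...h, ...Array(Math.max(0, 8 - h.length - t.length)).fill(0), ...t];
}

function isDeniedV6(ip) {
  const hx = v6Hextets(ip);
  if (hx.every((x) => x === 0)) return true;                            // ::
  if (hx.slice(0, 7).every((x) => x === 0) && hx[7] === 1) return true; // ::1 loopback
  if ((hx[0] & 0xfe00) === 0xfc00) return true;                          // fc00::/7 unique local
  if ((hx[0] & 0xffc0) === 0xfe80) return true;                          // fe80::/10 link-local
  if (hx.slice(0, 5).every((x) => x === 0) && hx[5] === 0xffff) {        // ::ffff:a.b.c.d mapped
    const v4 = [hx[6] >> 8, hx[6] & 0xff, hx[7] >> 8, hx[7] & 0xff].join(".");
    return DENIED_V4.some((r) => inV4Range(v4, r));
  }
  return false;
}

function isDeniedIp(ip) {
  const kind = ipKind(ip);
  if (kind === 4) return DENIED_V4.some((r) => inV4Range(ip, r));
  if (kind === 6) return isDeniedV6(ip);
  return true; // not an address literal: refuse rather than guess
}

// resolvedIps: every address the hostname resolved to (e.g. from
// dns.promises.lookup(host, { all: true })), supplied by the caller so this
// check is pure. All of them must pass, and the caller should connect to the
// returned pinnedIp instead of resolving again (DNS rebinding defence).
function isSafeBaseUrl(baseUrl, resolvedIps = []) {
  let u;
  try { u = new URL(baseUrl); } catch { return { ok: false, reason: "unparseable URL" }; }
  if (u.protocol !== "http:" && u.protocol !== "https:") {
    return { ok: false, reason: `scheme ${u.protocol} not allowed` };
  }
  if (u.username || u.password) return { ok: false, reason: "credentials in URL" };
  const host = u.hostname.replace(/^\[|\]$/g, ""); // "[::1]" -> "::1"
  if (host === "localhost" || host.endsWith(".localhost")) return { ok: false, reason: "localhost" };
  const candidates = ipKind(host) ? [host] : resolvedIps;
  if (candidates.length === 0) return { ok: false, reason: "hostname not resolved" };
  const bad = candidates.find(isDeniedIp);
  if (bad) return { ok: false, reason: `target ${bad} is internal` };
  return { ok: true, pinnedIp: candidates[0] };
}

for (const probe of ["http://2130706433/", "http://[::1]:8080/", "http://169.254.169.254/latest/meta-data/"]) {
  console.log(probe, JSON.stringify(isSafeBaseUrl(probe)));
}
console.log("http://example.com/", JSON.stringify(isSafeBaseUrl("http://example.com/", ["93.184.216.34"])));
```

This check belongs in addition to, not instead of, authentication on the route: an authenticated user of the platform still should not be able to point the server at its own database, and an unauthenticated route with a perfect deny list still lets strangers use the server's egress bandwidth and IP reputation. Redirects from the upstream service must be validated with the same function before being followed.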
CVE-2026-34162 is a critical SSRF vulnerability in FastGPT versions prior to 4.14.9.5, allowing attackers to make unauthorized HTTP requests through the platform.
You are affected if you are running any FastGPT version earlier than 4.14.9.5. Assess your deployment immediately and upgrade.
Upgrade FastGPT to version 4.14.9.5 or later. As a temporary workaround, implement a WAF to filter requests to the vulnerable endpoint.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest it is likely to be targeted.
Refer to the FastGPT project's official website or GitHub repository for the latest security advisories and release notes.