CVE-2024-12766

Summary

parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the POST /api/proxy REST API. Attackers can exploit this vulnerability to abuse the victim server's credentials to access unauthorized web resources by specifying the JSON parameter {"url":"http://steal.target"}. Existing security mechanisms such as forbid_remote_access(lollmsElfServer), lollmsElfServer.config.headless_server_mode, and check_access(lollmsElfServer, request.client_id) do not protect against this vulnerability.

Affected Software

VendorProductVersion RangeStatus
parisneoparisneo/lollms-webuiunspecified <= latestaffected

Weaknesses

  • CWE-918: CWE-918 Server-Side Request Forgery (SSRF)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

Additional References

References