CVE-2024-47066

CRITICAL LAB

Lobe Chat <1.19.13 - SSRF

Title source: llm

Description

Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.19.13, server-side request forgery protection implemented in `src/app/api/proxy/route.ts` does not consider redirect and could be bypassed when attacker provides an external malicious URL which redirects to internal resources like a private network or loopback address. Version 1.19.13 contains an improved fix for the issue.

Exploits (1)

nomisec WORKING POC 3 stars

by l8BL · poc

https://github.com/l8BL/CVE-2024-47066

View Code ZIP pw:eip

References (4)

[Broken Link] https://github.com/lobehub/lobe-chat/blob/main/src/app/api/proxy/route.ts

[Patch] https://github.com/lobehub/lobe-chat/commit/e960a23b0c69a5762eb27d776d33dac443058faf

[Exploit, Third Party Advisory] https://github.com/lobehub/lobe-chat/security/advisories/GHSA-3fc8-2r3f-8wrg

[Not Applicable] https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc

Scores

CVSS v3 9.0

EPSS 0.0578

EPSS Percentile 90.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H

Lab Environment

COMMUNITY

Community Lab

docker pull lobehub/lobe-chat:v1.19.12

https://github.com/l8BL/CVE-2024-47066

View in Library

Details

CWE

CWE-918

Status published

Products (2)

lobehub/chat 0 - 1.19.13npm

lobehub/lobe_chat < 1.19.3

Published Sep 23, 2024

Tracked Since Feb 18, 2026