CVE-2024-47066

CRITICAL LAB

lobehub/lobe_chat < 1.19.13 - Server-Side Request Forgery via Redirect Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-47066. PoCs published by l8BL.

AI-analyzed exploit summary This is a working PoC for CVE-2024-47066, an SSRF vulnerability in Lobe Chat. It exploits a flaw in the proxy route by using a URL shortener to bypass SSRF protections and access internal resources.

Description

Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.19.13, server-side request forgery protection implemented in `src/app/api/proxy/route.ts` does not consider redirect and could be bypassed when attacker provides an external malicious URL which redirects to internal resources like a private network or loopback address. Version 1.19.13 contains an improved fix for the issue.

Exploits (1)

nomisec WORKING POC 3 stars
by l8BL · poc
https://github.com/l8BL/CVE-2024-47066

This is a working PoC for CVE-2024-47066, an SSRF vulnerability in Lobe Chat. It exploits a flaw in the proxy route by using a URL shortener to bypass SSRF protections and access internal resources.

Classification
Working Poc 95%
Attack Type
Ssrf
Complexity
Moderate
Reliability
Reliable
Target: Lobe Chat < 1.19.13
No auth needed
Prerequisites: Access to the vulnerable Lobe Chat instance · Ability to interact with the /api/proxy endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 9.0
EPSS 0.0578
EPSS Percentile 90.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Lab Environment

COMMUNITY
Community Lab
docker pull lobehub/lobe-chat:v1.19.12

Details

CWE
CWE-918
Status published
Products (2)
lobehub/chat 0 - 1.19.13npm
lobehub/lobe_chat < 1.19.3
Published Sep 23, 2024
Tracked Since Feb 18, 2026