CVE-2024-12779

Exploit

EPSS 0.1%
Veröffentlicht 20.03.2025 10:11:28
Zuletzt bearbeitet 01.04.2025 20:34:50
Quelle security@huntr.dev
CVE-Watchlists
Login
Unerledigt
Login

A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Infiniflow ≫ Ragflow Version0.12.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.281

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
security@huntr.dev	6.5	2.8	3.6	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-12779

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-12779

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-12779

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-12779