CVE-2026-34162

Exploit

EPSS 0.15%
Veröffentlicht 31.03.2026 13:43:20
Zuletzt bearbeitet 01.04.2026 18:38:39
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint (/api/core/app/httpTools/runTool) is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers, and body, then makes a server-side HTTP request and returns the complete response to the caller. This issue has been patched in version 4.14.9.5.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Fastgpt ≫ Fastgpt Version < 4.14.9.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.36

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	3.9	5.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
security-advisories@github.com	10	3.9	6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://github.com/labring/FastGPT/security/advisories/GHSA-w36r-f268-pwrj

Vendor Advisory

Exploit

Mitigation

https://github.com/labring/FastGPT/pull/6640

Patch

Issue Tracking

https://github.com/labring/FastGPT/commit/bc7eae2ed61481a5e322208829be291faec58c00

Patch

https://github.com/labring/FastGPT/releases/tag/v4.14.9.5

Product

Release Notes