7.5

CVE-2026-7177

Exploit

ChatGPTNextWeb NextChat route.ts proxyHandler server-side request forgery

A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NextchatNextchat Version2.16.0
NextchatNextchat Version2.16.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.273
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
cna@vuldb.com 7.3 3.9 3.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cna@vuldb.com 5.5 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
cna@vuldb.com 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://vuldb.com/vuln/359779
Third Party Advisory
VDB Entry
https://vuldb.com/vuln/359779/cti
Permissions Required
https://vuldb.com/submit/797645
Third Party Advisory
Exploit
https://github.com/ChatGPTNextWeb/NextChat/issues/6742
Issue Tracking
https://gist.github.com/YLChen-007/da6b00024f5b7e1d4fa0658c19b77fbf
Third Party Advisory
Exploit
https://github.com/ChatGPTNextWeb/NextChat/
Product