| عنوان | AstrBotDevs AstrBot 4.25.2 Server-Side Request Forgery (CWE-918) |
|---|
| الوصف | # Technical Details
An authenticated SSRF exists in the plugin market registry flow implemented by `get_online_plugins()`, `_build_registry_source()`, and `_fetch_remote_md5()` in `astrbot/dashboard/routes/plugin.py` of AstrBot.
The application fails to validate attacker-supplied registry URLs before issuing server-side requests. The `custom_registry` query parameter is used directly as a fetch target and also used to derive a second `-md5.json` request. There is no allowlist, private-network filtering, scheme restriction, or redirect validation.
# Vulnerable Code
File: `astrbot/dashboard/routes/plugin.py`
Method: `get_online_plugins()`
Why: The handler reads `custom_registry` from the request, passes it into `_build_registry_source()`, and performs `session.get(url)` on the resulting attacker-controlled URL. `_fetch_remote_md5()` makes a second request to a derived attacker-influenced MD5 URL, creating an additional SSRF sink.
# Reproduction
1. Start a reachable HTTP listener that serves `/market-custom.json` and `/market-custom-md5.json`.
2. Authenticate to the AstrBot dashboard.
3. Send `GET /api/plugin/market_list?custom_registry=http://127.0.0.1:19001/market-custom.json&force_refresh=true`.
4. Observe the AstrBot server contacting the listener for both `/market-custom.json` and `/market-custom-md5.json`.
5. Repeat without `custom_registry` and confirm the observer receives no callbacks.
# Impact
- Authenticated users can force AstrBot to make requests to loopback, RFC1918, or otherwise internal HTTP services reachable from the host.
- The issue can be used for internal network probing, metadata access attempts, and interaction with internal-only management interfaces. |
|---|
| المصدر | ⚠️ https://gist.github.com/YLChen-007/cd162554554c273a3a7c0330aa02f3f0 |
|---|
| المستخدم | Eric-a (UID 96353) |
|---|
| ارسال | 01/06/2026 10:19 AM (1 شهر منذ) |
|---|
| الاعتدال | 11/07/2026 02:42 PM (1 month later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 377807 [AstrBotDevs AstrBot حتى 4.25.2 market_list Endpoint plugin.py get_online_plugins custom_registry تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|