CVE-2024-10044 in fastchat
Summary
by MITRE • 12/30/2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's credentials to perform unauthorized web actions or access unauthorized web resources by combining it with the POST /register_worker endpoint.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 07/30/2025
The CVE-2024-10044 vulnerability represents a critical server-side request forgery flaw in the lm-sys/fastchat Controller API Server, specifically affecting the POST /worker_generate_stream endpoint. This vulnerability stems from inadequate input validation and sanitization mechanisms within the API's request handling process, allowing malicious actors to manipulate the server's behavior through crafted requests. The flaw exists in the controller API server implementation and was introduced in the commit e208d5677c6837d590b81cb03847c0b9de100765, making it a recent but significant security weakness in this widely-used large language model infrastructure.
The technical exploitation of this vulnerability occurs through a combination of two API endpoints that together create a pathway for unauthorized access. Attackers can first register a worker through the POST /register_worker endpoint, which establishes a connection with the controller server. Subsequently, they can leverage this established connection to manipulate the POST /worker_generate_stream endpoint to make requests to arbitrary URLs. This combination allows attackers to bypass normal access controls and potentially access internal network resources, sensitive data, or perform unauthorized actions using the controller server's authenticated credentials. The vulnerability operates at the application layer and falls under CWE-918, which specifically addresses server-side request forgery vulnerabilities where attackers can manipulate server-side requests to access unauthorized resources.
The operational impact of this vulnerability extends beyond simple unauthorized access, as it can enable attackers to perform reconnaissance activities within the network environment where the controller server operates. An attacker could potentially access internal services, databases, or other resources that would normally be protected by network segmentation. The vulnerability also poses risks for data exfiltration, as the compromised server could be used to retrieve sensitive information from internal systems. Additionally, the attack could facilitate further exploitation by providing access to the underlying infrastructure, potentially leading to more severe consequences such as privilege escalation or persistent access. This vulnerability aligns with ATT&CK technique T1566.001 for server-side request forgery, which targets the manipulation of server-side applications to access unauthorized resources.
Mitigation strategies for CVE-2024-10044 should focus on implementing robust input validation and sanitization measures within the controller API server. The most effective approach involves implementing strict URL validation and whitelisting mechanisms that prevent the server from making requests to arbitrary destinations. Organizations should also implement network segmentation and access controls to limit the potential impact of exploitation. The controller server should be configured to only accept requests from trusted sources and validate all inputs through comprehensive filtering mechanisms. Additionally, implementing proper authentication and authorization controls for the /worker_generate_stream endpoint is crucial, as the vulnerability specifically leverages the existing worker registration mechanism to escalate privileges. Regular security audits and penetration testing should be conducted to identify and remediate similar vulnerabilities in the application's API endpoints, ensuring that all server-side request handling mechanisms are properly secured against unauthorized access patterns.