CVE-2025-52552 in FastGPT
Summary
by MITRE • 06/21/2025
FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers execute malicious JavaScript or redirect them to attacker-controlled sites. This issue has been patched in version 4.9.12.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 12/29/2025
The FastGPT AI Agent building platform presents a significant security vulnerability in its authentication mechanism through the LastRoute parameter handling on the login page. This vulnerability affects versions prior to 4.9.12 and represents a critical weakness in the application's input validation and sanitization processes. The issue manifests as both open redirect and DOM-based cross-site scripting vulnerabilities, creating a dual threat that can be exploited by malicious actors to compromise user sessions and execute unauthorized code within the victim's browser context.
The technical flaw stems from improper validation and sanitization of the LastRoute parameter which is used to determine where users should be redirected after successful authentication. When this parameter is improperly handled, attackers can inject malicious URLs or JavaScript code that gets executed in the context of the victim's browser session. The open redirect aspect allows attackers to redirect users to malicious domains while the DOM-based XSS component enables execution of arbitrary JavaScript code within the victim's browser environment. This combination creates a particularly dangerous attack vector that can be leveraged for session hijacking, credential theft, or further exploitation of the compromised user session.
The operational impact of this vulnerability extends beyond simple code execution or redirection attacks. Attackers can exploit this weakness to perform session fixation attacks, steal authentication tokens, or redirect users to phishing sites that appear legitimate. The vulnerability affects the core authentication flow of the FastGPT platform, potentially allowing unauthorized access to sensitive AI agent configurations and data processing capabilities. Given that FastGPT is an AI Agent building platform, successful exploitation could lead to compromise of AI models, training data, and potentially sensitive information processed through these AI systems.
Security professionals should note this vulnerability aligns with CWE-601 for open redirect and CWE-79 for cross-site scripting, both of which are fundamental web application security weaknesses. The attack pattern follows common threat vectors documented in the MITRE ATT&CK framework under T1531 for Establishing Persistence and T1566 for Phishing, as attackers can use this vulnerability to redirect users to malicious sites or inject malicious code. Organizations using FastGPT should immediately implement the patch available in version 4.9.12 and conduct thorough security reviews of all authentication-related parameters. Additionally, network monitoring should be enhanced to detect suspicious redirect patterns and anomalous JavaScript execution within the platform's user interface.
The remediation approach requires comprehensive input validation and output encoding for all parameters used in redirect logic, particularly those that influence user navigation after authentication. The fix implemented in version 4.9.12 should include strict validation of redirect URLs to ensure they originate from trusted domains and proper sanitization of all user-supplied input before it is processed or rendered in the browser. Organizations should also implement additional security measures such as Content Security Policy headers, secure session management practices, and regular vulnerability scanning to prevent similar issues in the future. The vulnerability serves as a reminder of the critical importance of validating and sanitizing all user inputs, especially those that influence application flow and user navigation, as these elements form the foundation of web application security.