提出 #829407: nextlevelbuilder GoClaw <= 3.11.3 Server-Side Request Forgery (SSRF) (CWE-918)情報

タイトル	nextlevelbuilder GoClaw <= 3.11.3 Server-Side Request Forgery (SSRF) (CWE-918)
説明	# Technical Details A Server-Side Request Forgery (SSRF) vulnerability exists in the `TTSConfigHandler.handleSave` method in `internal/http/tts_config.go` of GoClaw. The application fails to validate provider-controlled TTS `api_base` URLs before persisting them through `POST /v1/tts/config`. The separate `POST /v1/tts/test-connection` path uses `validateProviderURL()` to reject private and metadata-service addresses, but `handleSave` omits that validation. As a result, an attacker with access to the TTS configuration endpoint can store an internal URL such as `http://x.x.x.x/latest/meta-data`, and later force the backend to contact it during TTS synthesis through `POST /v1/tts/synthesize`. # Vulnerable Code File: internal/http/tts_config.go Method: TTSConfigHandler.handleSave Why: The method accepts provider-specific `api_base` values from OpenAI, ElevenLabs, and similar TTS provider configurations, resolves them with helpers such as `resolvedAPIBase()`, and stores them in `system_configs` without calling `validateProviderURL()` or otherwise blocking localhost, private network, or cloud metadata endpoints. # Reproduction 1. Run a vulnerable GoClaw deployment with PostgreSQL and access to `POST /v1/tts/config`. 2. Send a TTS configuration request that sets a provider `api_base` to an internal target such as `http://x.x.x.x/latest/meta-data`. 3. Confirm the server returns success and the malicious `api_base` is persisted in `system_configs`. 4. Trigger TTS synthesis with `POST /v1/tts/synthesize`. 5. Observe that the backend attempts to contact the internal target, typically producing a timeout or backend log entry showing the outbound request attempt. # Impact - Authenticated administrative users, or users in default/dev single-user deployments, can force the server to make requests to internal network resources. - Cloud deployments may expose metadata service endpoints and IAM credentials. - Attackers can perform blind internal network probing or interact with private services that are not externally reachable.
ソース	⚠️ https://github.com/nextlevelbuilder/goclaw/issues/1132
ユーザー	Eric-b (UID 96354)
送信	2026年05月14日 07:22 (22 日 ago)
モデレーション	2026年06月01日 20:17 (19 days later)
ステータス	承諾済み
VulDBエントリ	367710 [nextlevelbuilder GoClaw 迄 3.11.3 TTS Configuration Endpoint tts_config.go import 特権昇格]
ポイント	20

◂ 前概要次 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!