| Title | SuperAGI up to c3c1982 Server-Side Request Forgery (CWE-918) |
|---|
| Description | # Technical Details
A Server-Side Request Forgery (SSRF) vulnerability exists in the `extract_with_bs4` method in `superagi/helper/webpage_extractor.py` of SuperAGI.
The application does not validate or restrict the URL that the WebScraperTool passes to `requests.get()`, so any authenticated user can make the server issue HTTP requests to arbitrary internal or external hosts and read back the responses.
# Vulnerable Code
File: superagi/helper/webpage_extractor.py (line 101)
Methods: extract_with_bs4, extract_with_3k (lines 50/63), extract_with_lxml (line 144)
Why: The URL derived from the agent's goals is passed straight to `requests.get(url, headers=headers, timeout=10)`. There is no validation of the URL scheme, no check of the target hostname or the IP it resolves to (no blocklist for loopback, private or link-local ranges such as 127.0.0.0/8 or x.x.x.x), and no check of redirect destinations, so a redirect from a public host can land on an internal one. Because the fetched content is returned to the caller through the execution feed API, this is a full (non-blind) SSRF.
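The following is an added example, not code from SuperAGI or from the advisory's author. `vulnerable_fetch` reproduces the pattern described above (a bare `requests.get` on an untrusted URL); `check_target`, `is_allowed` and `safe_get` are one hardened form of it: the scheme is restricted to http/https, the host is resolved and every answer is checked against a "public addresses only" policy (loopback, RFC 1918, link-local, IPv6-mapped IPv4 and decimal-literal hosts are all rejected), and redirects are followed by hand so each hop is re-checked. All function names, the allowed-scheme set and the policy itself are this example's assumptions, not SuperAGI's.

```python
"""Hardened URL fetch for a web-scraper tool.

Added example, not code from SuperAGI: ``vulnerable_fetch`` reproduces the
pattern the advisory describes (bare ``requests.get`` on an untrusted URL);
``check_target`` and ``safe_get`` are this example's own hardened form. Function
names, the allowed-scheme set and the "public addresses only" policy are all
assumptions of this example, not SuperAGI's.
"""
import ipaddress
import socket
from urllib.parse import urljoin, urlparse

ALLOWED_SCHEMES = {"http", "https"}
REDIRECT_CODES = {301, 302, 303, 307, 308}


def vulnerable_fetch(url, headers=None):
    """The pattern from the advisory: no scheme, host or redirect checks."""
    import requests  # imported lazily so the checks below stay dependency-free
    return requests.get(url, headers=headers, timeout=10).text


def resolve_host(host):
    """Default resolver: every A/AAAA answer for ``host``, as strings.

    All answers matter: an attacker-controlled name can return one public and
    one private address, and the HTTP client may connect to either.
    """
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def check_target(url, resolver=resolve_host):
    """Return the parsed URL if it is safe to fetch, otherwise raise ValueError.

    ``resolver`` is injectable so the policy can be unit-tested offline.
    """
    parsed = urlparse(url)
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parsed.scheme!r}")
    if parsed.username or parsed.password:
        raise ValueError("credentials in the URL are not allowed")
    host = parsed.hostname
    if not host:
        raise ValueError("URL has no host")
    try:
        addresses = [ipaddress.ip_address(host)]  # literal IPv4/IPv6, no DNS needed
    except ValueError:
        # A hostname, or a non-canonical literal such as decimal "2130706433"
        # that the C resolver still accepts; resolve it and check every answer.
        addresses = [ipaddress.ip_address(a) for a in resolver(host)]
    if not addresses:
        raise ValueError(f"{host!r} does not resolve")
    for addr in addresses:
        # Unwrap ::ffff:a.b.c.d so an IPv6-mapped IPv4 address is judged as IPv4.
        if addr.version == 6 and addr.ipv4_mapped is not None:
            addr = addr.ipv4_mapped
        # is_global is False for loopback, RFC 1918 private, link-local
        # (169.254.0.0/16, where cloud metadata services live), multicast,
        # unspecified and reserved ranges.
        if not addr.is_global:
            raise ValueError(f"{host!r} resolves to non-public address {addr}")
    return parsed


def is_allowed(url, resolver=resolve_host):
    """Boolean form of check_target, convenient for tests and filters."""
    try:
        check_target(url, resolver)
    except ValueError:
        return False
    return True


def safe_get(url, headers=None, timeout=10, max_redirects=3):
    """Fetch ``url`` with the target re-validated on every redirect hop.

    ``allow_redirects=False`` is essential: with the requests default, a 302
    from a public host to an internal one is followed without our check
    ever seeing the new location.
    """
    import requests

    for _ in range(max_redirects + 1):
        check_target(url)
        resp = requests.get(url, headers=headers, timeout=timeout,
                            allow_redirects=False)
        location = resp.headers.get("Location")
        if resp.status_code not in REDIRECT_CODES or not location:
            return resp
        url = urljoin(url, location)
    raise ValueError("too many redirects")
```

Two caveats. First, `check_target` resolves the name and then `requests` resolves it again, so a DNS-rebinding name that changes its answer between the two lookups still gets through; closing that gap means connecting to the address that was checked (a custom transport adapter that pins the resolved IP and keeps the original Host/SNI), which is left out here. Second, because the URL in this tool is chosen by the model from the agent's goals rather than typed by a reviewed user, a domain allowlist is a stronger control than any blocklist where the deployment can tolerate one.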
# Reproduction
1. Create an agent that has the WebScraperTool and the goal "Fetch content from http://x.x.x.x/latest/meta-data/".
2. Trigger the agent: PUT /agentexecutions/update/{id} with the body {"status": "RUNNING"}.
3. Wait for the execution to finish and read the results: GET /agentexecutionfeeds/get/execution/{id}.
4. The response body from the internal host is returned in the execution feed.
# Impact
- Cloud credential theft: fetches IAM credentials from the AWS instance metadata endpoint (http://x.x.x.x/latest/meta-data/iam/security-credentials/).
- Internal network scanning: probes hosts and ports behind the firewall that are reachable from the server.
- Non-blind SSRF: the response content (up to 600 words) is returned directly to the attacker via the execution feed API.
- Exploitable by any authenticated user, including the lowest-privilege accounts.
|
|---|
| Source | https://gist.github.com/YLChen-007/4bb1d709cbb58cee46d839c651d3221f |
|---|
| User | Eric-y (UID 95889) |
|---|
| Submitted | 2026-03-27 01:04 PM (25 days ago) |
|---|
| Moderation | 2026-04-19 06:14 PM (23 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 358251 [TransformerOptimus SuperAGI up to 0.0.14 WebScraperTool webpage_extractor.py privilege escalation] |
|---|
| Points | 20 |
|---|