Submeter #844659: AstrBotDevs AstrBot 4.25.2 Server-Side Request Forgery (CWE-918)informação

TítuloAstrBotDevs AstrBot 4.25.2 Server-Side Request Forgery (CWE-918)
Descrição# Technical Details An authenticated SSRF exists in the plugin market registry flow implemented by `get_online_plugins()`, `_build_registry_source()`, and `_fetch_remote_md5()` in `astrbot/dashboard/routes/plugin.py` of AstrBot. The application fails to validate attacker-supplied registry URLs before issuing server-side requests. The `custom_registry` query parameter is used directly as a fetch target and also used to derive a second `-md5.json` request. There is no allowlist, private-network filtering, scheme restriction, or redirect validation. # Vulnerable Code File: `astrbot/dashboard/routes/plugin.py` Method: `get_online_plugins()` Why: The handler reads `custom_registry` from the request, passes it into `_build_registry_source()`, and performs `session.get(url)` on the resulting attacker-controlled URL. `_fetch_remote_md5()` makes a second request to a derived attacker-influenced MD5 URL, creating an additional SSRF sink. # Reproduction 1. Start a reachable HTTP listener that serves `/market-custom.json` and `/market-custom-md5.json`. 2. Authenticate to the AstrBot dashboard. 3. Send `GET /api/plugin/market_list?custom_registry=http://127.0.0.1:19001/market-custom.json&force_refresh=true`. 4. Observe the AstrBot server contacting the listener for both `/market-custom.json` and `/market-custom-md5.json`. 5. Repeat without `custom_registry` and confirm the observer receives no callbacks. # Impact - Authenticated users can force AstrBot to make requests to loopback, RFC1918, or otherwise internal HTTP services reachable from the host. - The issue can be used for internal network probing, metadata access attempts, and interaction with internal-only management interfaces.
Fonte⚠️ https://gist.github.com/YLChen-007/cd162554554c273a3a7c0330aa02f3f0
Utilizador
 Eric-a (UID 96353)
Submissão01/06/2026 10h19 (há 1 mês)
Moderação11/07/2026 14h42 (1 month later)
EstadoAceite
Entrada VulDB377807 [AstrBotDevs AstrBot até 4.25.2 market_list Endpoint plugin.py get_online_plugins custom_registry Elevação de Privilégios]
Pontos20

Want to know what is going to be exploited?

We predict KEV entries!