| 标题 | ItzCrazyKns Vane 1.12.1 SSRF via Model Provider baseURL |
|---|
| 描述 | The POST /api/providers endpoint allows unauthenticated users to register new model providers with an arbitrary baseURL parameter. Upon registration, the server immediately initiates an HTTP request from the server side to ${baseURL}/api/tags (for Ollama-type providers) or similar endpoints for other provider types, without any validation of the target URL. |
|---|
| 来源 | ⚠️ https://github.com/ItzCrazyKns/Vane/issues/1124 |
|---|
| 用户 | Yu-Bao (UID 96702) |
|---|
| 提交 | 2026-04-26 04時00分 (1 月前) |
|---|
| 管理 | 2026-05-23 16時01分 (28 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 365336 [ItzCrazyKns Vane 直到 1.12.1 Model Provider API route.ts baseURL 权限提升] |
|---|
| 积分 | 19 |
|---|