CVE-2024-47066

Lobe Chat has insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964)

CVSS 9 CRITICALEPSS 10.8%CWE-918

Vexday Risk Score

53Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9EPSS 10.8%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

23 Sep 2024Published on NVD

24 Sep 2024Public PoC

Recommendation: Plan a near-term fix — a public PoC already exists.

Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.19.13, server-side request forgery protection implemented in `src/app/api/proxy/route.ts` does not consider redirect and could be bypassed when attacker provides an external malicious URL which redirects to internal resources like a private network or loopback address. Version 1.19.13 contains an improved fix for the issue.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H

Affected products

lobehub · lobe-chat

public PoCs found — 1

githubgithub.com/l8BL/CVE-2024-47066★ 4

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/lobehub/lobe-chat/blob/main/src/app/api/proxy/route.ts https://github.com/lobehub/lobe-chat/commit/e960a23b0c69a5762eb27d776d33dac443058faf https://github.com/lobehub/lobe-chat/security/advisories/GHSA-3fc8-2r3f-8wrg https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc