SSRF Vulnerability Allowing Access to Internal Networks
A Server-Side Request Forgery (SSRF) vulnerability in Anything-LLM allows attackers to access internal network addresses. This issue affects the latest version of Anything-LLM before it was patched in version 1.0.0. Attackers can exploit this vulnerability by sending a specially crafted request to the application.
Available publicly on Feb 27 2024 | Available with Premium on Jan 19 2024
Threat Overview
The SSRF vulnerability in Anything-LLM enables an attacker to send requests to internal network resources that should not be accessible from the internet. By exploiting this vulnerability, an attacker can access internal web servers and potentially sensitive information within an organization's private network. This is particularly concerning because it bypasses network security measures that are designed to isolate internal resources from external access.
Attack Scenario
An attacker crafts a POST request to the /api/workspace/test/upload-link endpoint of the Anything-LLM application, including a link parameter pointing to an internal network address (e.g., http://192.168.2.48/dashboard.html). The application fetches the content from the internal address and saves it to a file. The attacker then navigates to the /settings/export-import page to export application data, which includes the fetched internal file, thus gaining access to restricted internal resources.
Who is affected
Organizations using the affected versions of Anything-LLM are at risk. Specifically, the vulnerability impacts systems where Anything-LLM is deployed and has access to internal network resources. This could potentially include a wide range of stakeholders within an organization, from IT staff to end-users, depending on the nature of the internal resources that could be accessed through the SSRF vulnerability.
Technical Report
Want more out of Sightline?
Sightline offers even more for premium customers
Go Premium
We have - related security advisories that are available with Sightline Premium.