SSRF Exploit via Upload Link Feature Allowing Arbitrary File Deletion and LFI
A Server-Side Request Forgery (SSRF) vulnerability in the upload link feature of mintplex-labs/anything-llm allows attackers with manager or admin roles to interact with internal applications, including the Collector API, leading to arbitrary file deletion and limited Local File Inclusion (LFI). This issue affects the latest version prior to 1.0.0, which contains the patch.
Available publicly on May 19 2024 | Available with Premium on Apr 01 2024
Threat Overview
The vulnerability stems from the application's handling of user-supplied links, which are fetched by an internal Collector API using a headless browser. This process inadvertently allows JavaScript code within the fetched pages to execute fetch requests to internal web applications, facilitating SSRF attacks. Attackers can exploit this to perform port scanning, access internal web apps, and escalate the attack by exploiting vulnerabilities in the Collector API for arbitrary file deletion and accessing sensitive log files.
Attack Scenario
An attacker hosts a malicious HTML file containing JavaScript code designed to send requests to internal applications and then uploads the link to this file using the application's upload link feature. The server fetches and processes the link, executing the malicious JavaScript, which performs actions such as port scanning or interacting with the Collector API to delete files or read sensitive logs. The server's responses are then forwarded to the attacker's server.
Who is affected
Users with manager or admin roles who can upload links are able to exploit this vulnerability. However, the ultimate impact is on the security and integrity of the server hosting the application, as it allows for unauthorized actions such as file deletion and access to sensitive information.
Technical Report
Want more out of Sightline?
Sightline offers even more for premium customers
Go Premium
We have - related security advisories that are available with Sightline Premium.