CVE-2024-10044 CRITICAL

CVE-2024-10044: SSRF in POST /worker_generate_stream API endpoint in lm-sys/fastchat

Vendor Lm-Sys
Product lm-sys/fastchat
Weakness CWE-918 · SSRF
Published December 30, 2024
Last update December 30, 2024
View on NVD All CVEs

CVSS base score

9.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

What the vulnerability does

01Description

A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's credentials to perform unauthorized web actions or access unauthorized web resources by combining it with the POST /register_worker endpoint.

Key dates

02Disclosure timeline

December 30, 2024 CVE published
December 30, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-29190 MobSF SSRF Vulnerability on assetlinks_check(act_name, well_knowns) CVE-2020-7328 Server-Side Request Forgery (SSRF) in MVISION Endpoint ePO extension CVE-2026-32812 Admidio Vulnerable to SSRF and Local File Read via Unrestricted URL Fetch in SSO Metadata Endpoint CVE-2026-2948 Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.5.3 - Authenticated (Contributor+) Server-Side Request Forgery via 'imageUrl' CVE-2024-13139 wangl1989 mysiteforme FileController doContent server-side request forgery