CVE-2024-12376
📋 TL;DR
A Server-Side Request Forgery (SSRF) vulnerability in lm-sys/fastchat web server allows attackers to make the server send requests to internal resources, potentially accessing sensitive data like AWS metadata credentials. This affects anyone running the vulnerable version of fastchat web server. Attackers could leverage this to steal credentials, access internal services, or pivot to other systems.
💻 Affected Systems
- lm-sys/fastchat
📦 What is this software?
Fastchat by Lm Sys
⚠️ Risk & Real-World Impact
Worst Case
Attacker obtains AWS metadata credentials, gains full cloud environment access, exfiltrates sensitive data, deploys malware, or causes significant financial/reputational damage.
Likely Case
Attacker accesses internal services, steals credentials from metadata services, performs reconnaissance on internal network, or uses server as proxy for attacks.
If Mitigated
Limited impact due to network segmentation, metadata service restrictions, or request validation preventing successful exploitation.
🎯 Exploit Status
Exploitation requires understanding of SSRF techniques and knowledge of internal network/services. No public exploit code identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions after git commit 2c68a13
Vendor Advisory: https://huntr.com/bounties/c9cc3f28-ee9f-4d2d-9ee5-8c6455a11892
Restart Required: No
Instructions:
1. Update to the latest fastchat version.
2. Verify the fix by checking that the deployed git commit is newer than 2c68a13.
3. Restart the fastchat web server service.
🔧 Temporary Workarounds
Network Segmentation
Restrict outbound network access from the fastchat server to prevent SSRF to internal services (note that, as written, the two rules below drop all outbound TCP to ports 80 and 443 from the host, not only traffic to internal ranges):
iptables -A OUTPUT -p tcp --dport 80 -j DROP
iptables -A OUTPUT -p tcp --dport 443 -j DROP
Metadata Service Protection
Block access to cloud metadata endpoints (such as 169.254.169.254 for AWS):
iptables -A OUTPUT -d 169.254.169.254 -j DROP
🧯 If You Can't Patch
- Implement strict network egress filtering to block requests to internal IP ranges and metadata services
- Deploy web application firewall (WAF) with SSRF protection rules to detect and block malicious requests
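The request validation mentioned above, as an added example that is not fastchat's own code: a destination check a server-side fetch can apply before connecting, rejecting non-HTTP schemes, literal internal or metadata addresses (including IPv4-mapped IPv6 forms), and hostnames that resolve to any blocked address. The `resolver` parameter is an assumption made so the check can be exercised offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Destinations an SSRF from the fastchat host must never reach: the cloud
# metadata service (169.254.169.254 lies in the link-local range), loopback,
# and the RFC 1918 ranges named in this advisory's SIEM query.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "169.254.0.0/16", "127.0.0.0/8", "0.0.0.0/8",
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fe80::/10", "fc00::/7",
)]


def _default_resolver(host):
    """Return every address (A and AAAA) a hostname resolves to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_safe_destination(url, resolver=_default_resolver):
    """True only if url is http(s) and every resolved address is public.

    All addresses are checked, so a name mixing public and internal records
    is rejected instead of depending on which record the client picks.
    """
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return False
    host = parsed.hostname
    try:
        addrs = {str(ipaddress.ip_address(host))}  # literal IP: no lookup needed
    except ValueError:
        try:
            addrs = set(resolver(host))
        except OSError:
            return False  # unresolvable name: fail closed
    if not addrs:
        return False
    for addr in addrs:
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            return False
        if ip.version == 6 and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped  # ::ffff:169.254.169.254 is still the metadata IP
        if not ip.is_global or any(ip in net for net in BLOCKED_NETWORKS):
            return False
    return True
```

The fetch itself must then connect to the addresses that were checked, not re-resolve the name, or a record that changes between check and connect defeats the test.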
🔍 How to Verify
Check if Vulnerable:
Check whether the fastchat web server is running a build at git commit 2c68a13 or earlier.
Check Version (run inside the deployed fastchat checkout):
git log --oneline -1
Verify Fix Applied:
Confirm the fastchat version is updated beyond commit 2c68a13 and test that SSRF attempts against internal addresses are blocked.
📡 Detection & Monitoring
Log Indicators:
- Unusual outbound HTTP requests from fastchat server
- Requests to internal IP addresses or metadata endpoints
- Failed connection attempts to restricted addresses
Network Indicators:
- Fastchat server making unexpected outbound connections
- Traffic to cloud metadata services (169.254.169.254)
- HTTP requests with unusual User-Agent strings
SIEM Query:
source="fastchat" AND (dest_ip=169.254.169.254 OR dest_ip IN [10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16])