CVE-2024-12779

7.5 HIGH

📋 TL;DR

This server-side request forgery (SSRF) in infiniflow/ragflow version 0.12.0 lets an authenticated API user make the ragflow server send HTTP requests to arbitrary URLs, including internal web resources the user cannot reach directly. The trigger is the api_base URL supplied when adding an OPENAITTS model through the model-management API: the server contacts whatever URL is given without validating it. Any organization running the vulnerable version with that API reachable is affected.

💻 Affected Systems

Products:
  • infiniflow/ragflow
Versions: 0.12.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with the vulnerable endpoints exposed and accessible.

📦 What is this software?

RAGFlow (infiniflow/ragflow) is an open-source retrieval-augmented generation (RAG) engine that indexes documents and answers questions over them using configurable LLM providers. Model providers, including text-to-speech (TTS) models, are registered through its HTTP API by supplying an API key and an api_base URL that the server then calls; that api_base URL is the injection point for this SSRF.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker uses the ragflow host's network position to reach internal-only HTTP services: cloud instance metadata endpoints (credential theft), admin interfaces and internal APIs that trust requests originating inside the network, then uses the stolen credentials or reachable services to move laterally. Note that the SSRF itself gives the attacker the server's network position, not code execution on the server.

🟠 Likely Case

Unauthorized requests to internal web applications or the cloud instance metadata service, leading to information disclosure (service banners, internal hostnames, metadata and possibly instance credentials).

🟢 If Mitigated

With egress filtering and api_base validation in place, the server can only contact the allowlisted external model-provider endpoints, so a malicious api_base yields at most a rejected request or a connection to an already-permitted external host.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No
Complexity: MEDIUM

Requires an authenticated ragflow account that is allowed to add an LLM model (an OPENAITTS model via the add-model API) and reach the TTS endpoints; no authentication bypass is needed beyond normal API access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.12.1 or later

Vendor Advisory: https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0

Restart Required: No

Instructions:

1. Update ragflow to version 0.12.1 or later.
2. Verify the running version is 0.12.1 or later (see How to Verify below).
3. Re-test the affected endpoint: add an OPENAITTS model whose api_base points at an internal address or a listener you control and confirm the server rejects it and makes no connection.

🔧 Temporary Workarounds

Network Segmentation

Applies to: all deployments

Restrict outbound (egress) network access from the ragflow server to the external model-provider endpoints it actually needs, and explicitly block the cloud metadata address (169.254.169.254) and internal management networks.

Input Validation

Applies to: all deployments

Validate the api_base parameter in the affected endpoints against an allowlist of provider hosts: require https, reject IP literals, embedded credentials and non-standard ports, and reject any host that resolves to a private, loopback or link-local address.
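The allowlist check described above, as an added example in Python (the language ragflow is written in); this is not ragflow's own code. It assumes the request handler passes in the raw api_base string, that ALLOWED_HOSTS is filled with the provider hosts the operator actually uses (the value below is a placeholder), and that the resolver can be swapped for a fake one in tests so the check runs offline. The address check uses ipaddress.is_global, which rejects more than the four ranges usually listed by hand (RFC1918, loopback, link-local including the cloud metadata address, CGNAT, ULA and IPv6 loopback).

```python
"""Allowlist-based validation for the api_base URL of a user-added model.

Added example, not ragflow's own code. ALLOWED_HOSTS is a placeholder
(assumption); real deployments list their own providers.
"""
import ipaddress
import socket
from typing import Callable, Iterable, List, Tuple
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"api.openai.com"}   # placeholder allowlist (assumption)
ALLOWED_SCHEMES = {"https"}
ALLOWED_PORTS = {None, 443}


def resolve_all(host: str) -> List[str]:
    """Resolve a hostname to every A/AAAA address using real DNS."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def _is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def validate_api_base(url: str,
                      resolver: Callable[[str], Iterable[str]] = resolve_all) -> str:
    """Return a normalised api_base, or raise ValueError with the reason.

    Checks, in order: scheme, embedded credentials, IP literals, host
    allowlist, port, and finally that every address the host resolves to is
    globally routable.
    """
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    # "https://api.openai.com@127.0.0.1/" parses as user api.openai.com, host 127.0.0.1
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in the URL are not allowed")
    host = parts.hostname  # lower-cased; IPv6 brackets already stripped
    if not host:
        raise ValueError("missing host")
    if _is_ip_literal(host):
        raise ValueError("IP literals are not allowed; use an allowlisted hostname")
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"host not on allowlist: {host}")
    if parts.port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {parts.port}")
    addrs = list(resolver(host))
    if not addrs:
        raise ValueError(f"{host} did not resolve")
    for addr in addrs:
        # is_global is False for 10/8, 172.16/12, 192.168/16, 127/8,
        # 169.254/16 (metadata), 100.64/10, ::1 and fc00::/7.
        if not ipaddress.ip_address(addr).is_global:
            raise ValueError(f"{host} resolves to non-public address {addr}")
    # Drop query/fragment; keep the path so versioned bases like /v1 survive.
    return f"{scheme}://{host}{parts.path or '/'}"


def check_api_base(url: str,
                   resolver: Callable[[str], Iterable[str]] = resolve_all) -> Tuple[bool, str]:
    """Non-raising wrapper: (accepted, normalised URL or rejection reason)."""
    try:
        return True, validate_api_base(url, resolver)
    except ValueError as exc:
        return False, str(exc)
```

Two caveats a practitioner should keep in mind: the DNS check is only valid at the moment it runs, so the HTTP client that later contacts api_base should connect to the address that was validated (or re-validate on every use) rather than resolving the name again, otherwise a rebinding record can pass the check and then point inside the network; and a URL stored at add-model time may be reused by later requests, so validation at the API boundary complements, and does not replace, the egress filtering above.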

🧯 If You Can't Patch

  • Implement strict network egress filtering to prevent the server from accessing internal resources
  • Disable or restrict access to the vulnerable endpoints via web application firewall or API gateway

🔍 How to Verify

Check if Vulnerable:

Confirm the deployment runs ragflow 0.12.0. To test the behaviour directly, add an OPENAITTS model through /v1/llm/add_llm with api_base set to an HTTP listener you control on an address the server should not be allowed to reach (for example an internal host); if the listener receives a connection from the ragflow server, the instance is vulnerable.

Check Version:

For Docker deployments (the common case), read the image tag of the running container, e.g. docker ps --format '{{.Image}}' showing infiniflow/ragflow:v0.12.0. For source installs, check the checked-out git tag or the application's version string; pip show ragflow only applies if it was installed as a Python package.

Verify Fix Applied:

After updating to 0.12.1 or later, confirm the running version and repeat the listener test above: an api_base pointing at an internal or otherwise unauthorized address should now be rejected and produce no connection.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound requests from ragflow server to internal IP addresses
  • add-model (/v1/llm/add_llm) requests in the application log whose api_base points at a loopback, link-local or private address, or at a hostname that is not a known model provider

Network Indicators:

  • HTTP requests from ragflow server to internal network segments or metadata services

SIEM Query:

Splunk-style query (assumes egress logs tagged source="ragflow" with a dest_ip field; adjust field names to your schema). Loopback is included because the original four-range list misses requests to services on the ragflow host itself:

source="ragflow" AND (dest_ip=10.0.0.0/8 OR dest_ip=172.16.0.0/12 OR dest_ip=192.168.0.0/16 OR dest_ip=127.0.0.0/8 OR dest_ip=169.254.169.254)

Tune before alerting: in the default Docker Compose deployment ragflow legitimately talks to its own Elasticsearch, MySQL, MinIO and Redis containers on the compose network, so exclude those peers or match only on HTTP egress from the ragflow application. The query also misses IPv6 loopback (::1) and names such as localhost that are only visible at the HTTP layer.
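The same detection logic run over sample egress log lines, as an added Python example that is not part of the original page or of ragflow. The key=value log format, the sample lines and the EXPECTED_INTERNAL exclusion list are constructed for illustration; an operator would replace them with their firewall or proxy schema and the backends their deployment really talks to. It generalizes the query above by using ipaddress.is_global, so IPv6 loopback and other non-routable ranges are caught as well, while known backend peers are excluded rather than alerted on.

```python
"""Flag ragflow egress to non-public destinations in key=value egress logs.

Added example, not from the original page or the ragflow project. The log
format and sample lines are constructed; EXPECTED_INTERNAL is a placeholder.
"""
import ipaddress
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sample egress log lines (not real logs).
SAMPLE_LOG = """\
ts=2024-12-01T10:00:01Z src=ragflow dest_ip=104.18.7.192 dest_port=443 http_host=api.openai.com
ts=2024-12-01T10:00:02Z src=ragflow dest_ip=172.18.0.4 dest_port=9200 http_host=es01
ts=2024-12-01T10:00:03Z src=ragflow dest_ip=169.254.169.254 dest_port=80 http_host=169.254.169.254
ts=2024-12-01T10:00:04Z src=ragflow dest_ip=127.0.0.1 dest_port=8080 http_host=localhost
ts=2024-12-01T10:00:05Z src=ragflow dest_ip=::1 dest_port=8080 http_host=localhost
ts=2024-12-01T10:00:06Z src=ragflow dest_ip=10.20.30.40 dest_port=443 http_host=vault.internal
ts=2024-12-01T10:00:07Z src=nginx dest_ip=10.20.30.41 dest_port=443 http_host=vault.internal
"""

# Backends ragflow is expected to reach on its private network (assumed
# values; take them from your own deployment). Matching entries never alert.
EXPECTED_INTERNAL: Set[Tuple[str, int]] = {("172.18.0.4", 9200)}


def parse_line(line: str) -> Dict[str, str]:
    """Split 'k=v k=v ...' into a dict; values may themselves contain '='."""
    return dict(kv.split("=", 1) for kv in line.split())


def find_ssrf_egress(lines: Iterable[str], source: str = "ragflow",
                     expected: Set[Tuple[str, int]] = EXPECTED_INTERNAL) -> List[Dict[str, str]]:
    """Return one alert per connection from `source` to a non-public address."""
    alerts: List[Dict[str, str]] = []
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        rec = parse_line(raw)
        if rec.get("src") != source:
            continue
        try:
            ip = ipaddress.ip_address(rec["dest_ip"])
            port = int(rec["dest_port"])
        except (KeyError, ValueError):
            continue  # malformed line; not this detector's job
        if (rec["dest_ip"], port) in expected:
            continue  # legitimate backend traffic
        # is_global is False for RFC1918, loopback (v4 and ::1), link-local
        # including 169.254.169.254, CGNAT and ULA ranges.
        if ip.is_global:
            continue
        if rec["dest_ip"] == "169.254.169.254":
            reason = "cloud metadata endpoint"
        elif ip.is_loopback:
            reason = "loopback"
        else:
            reason = "private/link-local address"
        alerts.append({"ts": rec["ts"], "dest": f"{rec['dest_ip']}:{port}",
                       "http_host": rec.get("http_host", ""), "reason": reason})
    return alerts


if __name__ == "__main__":
    for alert in find_ssrf_egress(SAMPLE_LOG.splitlines()):
        print(alert)
```

Against the sample, the OpenAI call and the Elasticsearch backend are ignored and the nginx line is skipped by source; the metadata, both loopback and the vault.internal connections are reported.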

🔗 References

  • https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0 (huntr report)
  • https://nvd.nist.gov/vuln/detail/CVE-2024-12779 (NVD entry)
