CVE-2025-62615

9.8 CRITICAL

📋 TL;DR

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in AutoGPT's RSSFeedBlock component. Attackers can exploit unfiltered URL inputs to make unauthorized requests to internal systems. Users running vulnerable AutoGPT versions with RSSFeedBlock functionality are affected.

💻 Affected Systems

Products:
  • AutoGPT
Versions: All versions prior to autogpt-platform-beta-v0.6.34
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects deployments using RSSFeedBlock functionality. The vulnerability exists in the third-party urllib.request.urlopen library usage.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of internal infrastructure, data exfiltration, or lateral movement to cloud metadata services and internal APIs.

🟠 Likely Case

Information disclosure from internal services, port scanning of internal networks, or limited data access.

🟢 If Mitigated

Minimal impact if network segmentation restricts outbound connections and internal services require authentication.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SSRF vulnerabilities typically have low exploitation complexity when unfiltered URL inputs are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: autogpt-platform-beta-v0.6.34

Vendor Advisory: https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-r55v-q5pc-j57f

Restart Required: Yes

Instructions:

1. Update AutoGPT to version autogpt-platform-beta-v0.6.34 or later.
2. Restart the AutoGPT service.
3. Verify the update was successful.

🔧 Temporary Workarounds

Disable RSSFeedBlock (applies to: all)

  • Temporarily disable RSSFeedBlock functionality until patching is possible
  • Modify configuration to remove or disable RSSFeedBlock components

Network Restriction (applies to: all)

  • Implement network controls to restrict outbound connections from AutoGPT instances
  • Configure firewall rules to limit AutoGPT's network access

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate AutoGPT instances from sensitive internal systems
  • Deploy web application firewalls (WAF) with SSRF protection rules
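For operators who run a patched fork or their own fetcher and want a code-level control alongside the network ones above, the following is an added example (not code from AutoGPT or the advisory) of the pre-fetch URL validation that closes this class of SSRF: every address the feed host resolves to must be publicly routable before the URL reaches urllib.request.urlopen. The function names, `DEMO_TABLE` and `demo_resolver` are constructed for offline use; `resolve_host` is the hypothetical real resolver.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}

# Constructed offline stand-in for DNS so the example runs without network.
DEMO_TABLE = {
    "feeds.example.com": ["93.184.216.34"],
    "meta.example": ["169.254.169.254"],             # cloud metadata address
    "dual.example": ["93.184.216.34", "10.0.0.5"],   # one public, one RFC1918
}

def demo_resolver(host):
    return DEMO_TABLE.get(host, [])

def resolve_host(host):
    # Real resolver: every A and AAAA answer for the name (hypothetical helper).
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_public_address(ip_text):
    """Globally routable unicast only: no loopback, RFC1918, link-local, CGNAT."""
    addr = ipaddress.ip_address(ip_text)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # apply the IPv4 rules to ::ffff:a.b.c.d
    return addr.is_global and not addr.is_multicast

def validate_feed_url(url, resolver=resolve_host):
    """Return (ok, reason); every address the host resolves to must be public."""
    parts = urlparse(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if not parts.hostname:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "userinfo not allowed"
    try:
        addrs = {str(ipaddress.ip_address(parts.hostname))}  # IP literal, no DNS
    except ValueError:
        try:
            addrs = set(resolver(parts.hostname))
        except OSError:
            addrs = set()
    if not addrs:
        return False, "resolution failed"
    for ip in sorted(addrs):  # a single internal answer rejects the whole URL
        if not is_public_address(ip):
            return False, "resolves to non-public address " + ip
    return True, "ok"
```

Run the check immediately before the fetch and disable redirect following (urlopen follows 3xx by default), otherwise a public host can still redirect the request to an internal address. DNS rebinding between validation and connect remains a gap unless the connection is pinned to the address that was validated.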

🔍 How to Verify

Check if Vulnerable:

Check AutoGPT version and verify if RSSFeedBlock is enabled in vulnerable versions

Check Version:

Check AutoGPT configuration or package manager for installed version

Verify Fix Applied:

Confirm version is autogpt-platform-beta-v0.6.34 or later and test RSSFeedBlock functionality

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from AutoGPT to internal IP addresses
  • Requests to metadata services (169.254.169.254, etc.)

Network Indicators:

  • HTTP traffic from AutoGPT to unexpected internal destinations
  • Port scanning patterns originating from AutoGPT instances

SIEM Query:

source="autogpt" AND (dest_ip=169.254.169.254 OR dest_ip IN [RFC1918 ranges])
