CVE-2025-66405
📋 TL;DR
CVE-2025-66405 is a Server-Side Request Forgery (SSRF) vulnerability in Portkey.ai Gateway versions before 1.14.0. Attackers can manipulate the x-portkey-custom-host header to make the gateway proxy requests to arbitrary internal or external systems. This affects all deployments using vulnerable versions of Portkey.ai Gateway.
💻 Affected Systems
- Portkey.ai Gateway
📦 What is this software?
Gateway by Portkey
⚠️ Risk & Real-World Impact
Worst Case
Complete internal network compromise via SSRF to access cloud metadata services, internal APIs, or sensitive backend systems, potentially leading to data exfiltration or lateral movement.
Likely Case
Unauthorized access to internal services, data leakage from internal APIs, or abuse of the gateway as a proxy for malicious requests.
If Mitigated
Limited impact if network segmentation restricts internal access and external requests are filtered, though SSRF vectors remain possible.
🎯 Exploit Status
Exploitation requires sending HTTP requests with a malicious x-portkey-custom-host header, which is trivial for attackers with network access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.14.0
Vendor Advisory: https://github.com/Portkey-AI/gateway/security/advisories/GHSA-hhh5-2cvx-vmfp
Restart Required: Yes
Instructions:
1. Update Portkey.ai Gateway to version 1.14.0 or later.
2. Restart the gateway service.
3. Verify the fix by checking the version and testing SSRF attempts.
🔧 Temporary Workarounds
Block malicious headers at WAF/Load Balancer
Configure the web application firewall or load balancer to drop or sanitize requests containing the x-portkey-custom-host header.
Restrict outbound network access
Use network policies to limit the gateway's outbound connections to only trusted destinations.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate the gateway from sensitive internal systems.
- Deploy a reverse proxy in front of the gateway to filter and validate all incoming requests.
🔍 How to Verify
Check if Vulnerable:
Send a test HTTP request to the gateway with x-portkey-custom-host header set to an internal IP (e.g., 127.0.0.1) and observe if it proxies the request.
Check Version:
Check the gateway's version via its API or configuration; ensure it is 1.14.0 or higher.
Verify Fix Applied:
After patching, repeat the test request; it should be rejected or not proxy to the specified host.
📡 Detection & Monitoring
Log Indicators:
- Unusual outbound requests from the gateway to internal IPs or unexpected domains
- HTTP logs showing x-portkey-custom-host header usage
Network Indicators:
- Unexpected proxy traffic from the gateway to non-whitelisted destinations
SIEM Query:
source="portkey-gateway" AND (http_header="x-portkey-custom-host" OR dest_ip IN [internal_ranges])
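As an added detection example (not code from the advisory or the Portkey project), the following Python scans constructed JSON access-log lines for the x-portkey-custom-host header and ranks hits whose target is a loopback, private or link-local address as high severity; the log format, field names and sample values are assumptions.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed sample access-log lines (one JSON record per line); not real gateway output.
SAMPLE_LOGS = """
{"ts":"2025-12-01T10:00:01Z","src":"10.2.3.4","path":"/v1/chat/completions","headers":{"x-portkey-provider":"openai"}}
{"ts":"2025-12-01T10:00:02Z","src":"203.0.113.7","path":"/v1/chat/completions","headers":{"x-portkey-custom-host":"http://127.0.0.1:8080"}}
{"ts":"2025-12-01T10:00:03Z","src":"203.0.113.7","path":"/v1/chat/completions","headers":{"x-portkey-custom-host":"169.254.169.254"}}
{"ts":"2025-12-01T10:00:04Z","src":"10.2.3.9","path":"/v1/chat/completions","headers":{"X-Portkey-Custom-Host":"https://api.example.com/v1"}}
{"ts":"2025-12-01T10:00:05Z","src":"10.2.3.9","path":"/v1/embeddings","headers":{"x-portkey-custom-host":"http://[::1]:9000/"}}
""".strip().splitlines()

HEADER = "x-portkey-custom-host"  # header named in the advisory; matched case-insensitively


def target_host(value):
    """Return the host part of a header value, which may be a bare host or a full URL."""
    v = value.strip()
    if "://" not in v:
        v = "//" + v  # urlsplit only fills netloc when a scheme or '//' prefix is present
    return (urlsplit(v).hostname or "").lower()


def is_internal_host(host):
    """True for 'localhost' and for loopback/private/link-local/reserved IP literals
    (link-local covers the cloud metadata range). Literal check only: a DNS name that
    resolves to an internal address must be caught at the resolver or egress filter."""
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False
    return ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved or ip.is_unspecified


def scan_logs(lines):
    """Flag every request carrying the header; internal targets are 'high', others 'medium'."""
    findings = []
    for line in lines:
        rec = json.loads(line)
        headers = {k.lower(): v for k, v in rec.get("headers", {}).items()}
        if HEADER not in headers:
            continue
        host = target_host(headers[HEADER])
        severity = "high" if is_internal_host(host) else "medium"
        findings.append({"ts": rec["ts"], "src": rec["src"], "host": host, "severity": severity})
    return findings


if __name__ == "__main__":
    for finding in scan_logs(SAMPLE_LOGS):
        print(finding)
```

Even "medium" hits are worth reviewing on a pre-1.14.0 deployment, since the header should only appear from clients that legitimately route to a custom provider host.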