Description
FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability allows attackers (or authenticated users with App editing privileges) to send arbitrary HTTP requests to internal/private network addresses. The fetchData function in the lafModule workflow node uses axios to fetch user-controlled URLs without validating them against the application's internal network blocklist guard (isInternalAddress), bypassing SSRF protections. This issue has been patched in version 4.14.17.
Published: 2026-05-08
Score: 2.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

FastGPT, an AI agent building platform, contains a Server‑Side Request Forgery vulnerability in the lafModule workflow node. The fetchData function uses axios to retrieve user‑supplied URLs without verifying if the target is an internal address, bypassing the isInternalAddress guard. Attackers who can access the workflow node, including unauthenticated users or any user with app editing privileges, can send arbitrary HTTP requests to internal or private network addresses, potentially exposing sensitive data or enabling further internal exploitation. This flaw corresponds to CWE‑918. The CVSS score is 2.3, indicating low overall severity but still a notable risk when combined with access privileges.

Affected Systems

The affected product is labring:FastGPT. All installations running a version prior to v4.14.17 are vulnerable. Users running 4.14.17 or newer are not affected as the issue has been patched upstream.

Risk and Exploitability

The CVSS score of 2.3 and absence from the KEV catalog suggest that this vulnerability is not widely targeted or presently exploited. However, the likelihood of successful exploitation is non‑zero because the flaw allows unauthenticated or low‑privilege users to trigger outbound requests to internal destinations. An attacker can use this to discover internal hosts, read internal data, or pivot to other services. No public exploit is known yet, and the EPSS score is unavailable, so the exact risk can’t be quantified precisely. Nonetheless, because the flaw permits arbitrary network access from the server, it remains a potential attack vector worth addressing promptly.

Generated by OpenCVE AI on May 8, 2026 at 23:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade FastGPT to version 4.14.17 or later to apply the official fix that restores internal address validation in the fetchData function.
  • If an upgrade is not immediately possible, review and tighten application editing permissions to prevent users from triggering the vulnerable workflow node, and consider disabling or sandboxing that node until the patch is applied.
  • As a temporary offset, implement network‑level controls (e.g., ACLs or firewalls) to block outbound traffic from the FastGPT service to internal or private network ranges, thereby limiting the potential impact of any remaining SSRF capability.

Generated by OpenCVE AI on May 8, 2026 at 23:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 09 May 2026 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Labring
Labring fastgpt
Vendors & Products Labring
Labring fastgpt

Fri, 08 May 2026 22:30:00 +0000

Type Values Removed Values Added
Description FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability allows attackers (or authenticated users with App editing privileges) to send arbitrary HTTP requests to internal/private network addresses. The fetchData function in the lafModule workflow node uses axios to fetch user-controlled URLs without validating them against the application's internal network blocklist guard (isInternalAddress), bypassing SSRF protections. This issue has been patched in version 4.14.17.
Title FastGPT: SSRF Vulnerability in Laf Workflow Node via Missing Internal Address Validation
Weaknesses CWE-918
References
Metrics cvssV4_0

{'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Labring Fastgpt
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-08T22:17:17.908Z

Reserved: 2026-05-05T17:39:31.112Z

Link: CVE-2026-44286

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-08T23:16:39.647

Modified: 2026-05-08T23:16:39.647

Link: CVE-2026-44286

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-08T23:45:20Z

Weaknesses