Description
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function _get_bytes_from_web_url of the file src/agentscope/_utils/_common.py of the component Internal Service. Performing a manipulation results in server-side request forgery. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-04-20
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: Server-Side Request Forgery (SSRF)
Action: Apply Patches
AI Analysis

Impact

The vulnerability lies in the _get_bytes_from_web_url function of the Internal Service component of modelscope agentscope, which fetches caller-supplied URLs without restricting where they may point, so an attacker can have the service resolve and request arbitrary URLs. Through this server-side request forgery the application can be made to issue outbound requests to any target reachable from the server, potentially exposing internal resources or allowing data exfiltration. The impact is a loss of confidentiality, integrity, or availability of internal data, depending on which URLs are targeted.

Affected Systems

The affected product is modelscope agentscope, versions up to and including 1.0.18. No other versions are noted in the advisory.

Risk and Exploitability

The CVSS score is 6.9, indicating a medium severity. The EPSS score is not available, and the vulnerability is not listed in CISA’s KEV catalog. The attack can be initiated remotely with no authentication, and the exploit has already been released publicly, making it likely that attackers could use it once the host is discovered.

Generated by OpenCVE AI on April 20, 2026 at 06:21 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade to a version newer than 1.0.18 when it becomes available
  • Configure outbound network restrictions so the agentscope service can only reach trusted hosts
  • Validate or sanitize URLs in _get_bytes_from_web_url to reject internal and disallowed addresses

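As an added illustration of the last recommended action (example code, not code from the agentscope project), the following Python check validates a URL before anything is fetched: it restricts the scheme, resolves the host, and refuses any address that is not globally routable. The SAMPLE_DNS table and the example hostnames are constructed for offline demonstration; the check is general and not tied to the vulnerable function's signature.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}

# Constructed name->address table for offline demonstration. Production code
# resolves with the system resolver (default_resolve) and pins the result.
SAMPLE_DNS = {
    "public.example": ["8.8.8.8"],
    "internal.example": ["10.0.0.5"],
    "mixed.example": ["8.8.8.8", "10.0.0.5"],  # one public, one private record
    "localhost": ["127.0.0.1", "::1"],
}

def default_resolve(host):
    """Every address the name maps to (A and AAAA), via the system resolver."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def check_fetch_url(url, resolve=default_resolve):
    """Return (ok, reason); ok is False when the URL must not be fetched.

    Every resolved address is checked, since an attacker-controlled name can
    mix public and private records. The fetch must connect to an address
    checked here rather than resolve again, or DNS rebinding reopens the hole.
    """
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parts.scheme!r}"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        addrs = [ipaddress.ip_address(host)]  # literal IPv4/IPv6 host
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolve(host)]
        except (OSError, ValueError) as exc:
            return False, f"cannot resolve {host!r}: {exc}"
    if not addrs:
        return False, f"no addresses for {host!r}"
    for addr in addrs:
        # Unwrap IPv4-mapped IPv6 (::ffff:127.0.0.1) before classifying.
        if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
            addr = addr.ipv4_mapped
        if not addr.is_global:
            return False, f"{host!r} resolves to non-public address {addr}"
    return True, "ok"
```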


Advisories

No advisories yet.

History

Mon, 20 Apr 2026 05:15:00 +0000

Type                 Values Removed   Values Added
Description          -                A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function _get_bytes_from_web_url of the file src/agentscope/_utils/_common.py of the component Internal Service. Performing a manipulation results in server-side request forgery. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title                -                modelscope agentscope Internal Service _common.py _get_bytes_from_web_url server-side request forgery
First Time appeared  -                Modelscope; Modelscope agentscope
Weaknesses           -                CWE-918
CPEs                 -                cpe:2.3:a:modelscope:agentscope:*:*:*:*:*:*:*:*
Vendors & Products   -                Modelscope; Modelscope agentscope
References           -                -
Metrics              -                cvssV2_0: {'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
                                      cvssV3_0: {'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                                      cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                                      cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-20T04:30:13.482Z

Reserved: 2026-04-19T14:12:00.295Z

Link: CVE-2026-6605

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-20T05:16:15.780

Modified: 2026-04-20T05:16:15.780

Link: CVE-2026-6605

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T06:30:45Z

Weaknesses