SSRF Vulnerability in Upload Link Feature of mintplex-labs/anything-llm

CVE-2024-3149

Summary

A Server-Side Request Forgery (SSRF) vulnerability has been identified within the upload link feature of the Anything-LLM product from Mintplex Labs. This feature, which is accessible to users with manager or admin roles, utilizes an internal Collector API to process uploaded links through a headless browser. By exploiting this vulnerability, an attacker could host a malicious web page that performs actions such as internal port scanning and accessing non-public web applications. The interaction with the Collector API raises concerns as it may allow unauthorized activities, including arbitrary file deletions and limited local file inclusions. Particularly concerning is the potential access to NGINX access logs, which may reveal sensitive information, thereby increasing the risk of data exposure and further exploitation.

References