LoLLMs WebUI Server-Side Request Forgery Vulnerability

Vulnerability

A critical Server-Side Request Forgery (SSRF) vulnerability exists in all versions of LoLLMs WebUI. It is located in the '@router.post("/api/proxy")' endpoint, which lets unauthenticated attackers make arbitrary GET requests through the server. An attacker can use this to reach internal services, scan the local network, or exfiltrate sensitive cloud metadata such as AWS or GCP IAM tokens. As of now, no patched version is available.

Impact

Exploitation of this vulnerability could lead to unauthorized access to internal services and networks, bypass of local access controls, and exfiltration of sensitive cloud metadata, including access tokens and instance information, on platforms like AWS and GCP.

Reproduction

To reproduce this vulnerability, send a POST request to the '/api/proxy' endpoint with a URL pointing to an internal service or resource. The server will process the request and return the response from the internal resource, demonstrating the SSRF exploitation.

Remediation

To address this vulnerability, require authentication for the endpoint, validate target URLs against an allowlist of trusted domains, and block requests to private IP ranges and cloud metadata endpoints.
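The URL validation part of that remediation, as an added example (not code from the LoLLMs WebUI project): a stdlib-only check that a proxy handler would run before fetching. The allowlist entries are constructed placeholders, and the 'resolved_addresses' parameter is a hypothetical hook for the addresses the fetch layer actually connects to, so that a DNS rebinding answer is caught as well; authentication is assumed to be enforced separately by the framework.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist: only hosts the proxy is meant to reach.
ALLOWED_HOSTS = {"huggingface.co", "cdn-lfs.huggingface.co"}

# Ranges that must never be fetched: loopback, RFC1918, link-local
# (169.254.169.254 is the AWS/GCP metadata address), CGNAT, IPv6
# equivalents and the IPv4-mapped IPv6 space used to smuggle them.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10", "::ffff:0:0/96",
)]


def is_blocked_address(addr: str) -> bool:
    """True if a literal IP address must not be contacted."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in BLOCKED_NETWORKS):
        return True
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def validate_proxy_target(url: str, resolved_addresses=None):
    """Return (allowed, reason) for a URL submitted to the proxy.

    resolved_addresses (hypothetical hook) is the list of IPs the
    fetch layer resolved the host to; each is re-checked so that a
    DNS answer pointing at an internal range is rejected too.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    try:
        ipaddress.ip_address(host)
        return False, "IP literals not allowed"  # no 127.0.0.1, [::1], ...
    except ValueError:
        pass
    if host.lower().rstrip(".") not in ALLOWED_HOSTS:
        return False, "host not in allowlist"
    for addr in resolved_addresses or ():
        if is_blocked_address(addr):
            return False, "host resolves to a blocked address"
    return True, "ok"
```

Because the allowlist is a deny-by-default list, metadata hostnames such as metadata.google.internal are rejected without a separate blocklist.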

Added: Mar 24, 2026, 5:23 PM
Updated: Mar 24, 2026, 5:23 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 3.1
exploitability: 8.7
remediation: 0.0
relevance: 4.6
threat: 6.6
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.