Bytedesk Server-Side Request Forgery Vulnerability in OpenRouter API
Vulnerability
A server-side request forgery (SSRF) vulnerability has been identified in Bytedesk versions through 1.3.9. The issue resides in the OpenRouter integration, specifically within the 'getModels' function of the 'SpringAIOpenrouterRestService' class. The vulnerability allows remote attackers to manipulate the 'apiUrl' parameter, leading to unauthorized outbound HTTP requests to arbitrary hosts. This could be exploited to access internal services, cloud metadata, or sensitive information such as credentials.
Impact
Exploitation of this vulnerability allows for server-side request forgery, where an attacker can make the server send requests to internal or external resources on their behalf. This could lead to unauthorized access to internal services, cloud metadata exposure, or credential theft.
Reproduction
The vulnerability can be reproduced by sending a GET request to the '/openrouter/api/v1/models' endpoint with a crafted 'apiUrl' parameter. The server will then make a request to the specified URL, demonstrating the SSRF vulnerability. This can be automated with a script that includes the necessary headers and payload.
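The pattern behind this class of bug is a handler that accepts an upstream base URL from the client and fetches it as-is. The following Python example is added here for illustration; it is not Bytedesk's code and does not reproduce the project's fix (the advisory's remediation is the version upgrade). It contrasts the trusting pattern the advisory describes with a hardened form that pins the scheme, allowlists the upstream host, and checks every resolved address against internal ranges. The allowlist entry, the resolver injection and all sample URLs are constructed assumptions for the example.

```python
"""Illustrative SSRF guard for a client-supplied upstream base URL (example, not Bytedesk code)."""
import ipaddress
import socket
from typing import Callable, Iterable
from urllib.parse import urlsplit

# Hypothetical allowlist: the only upstream this integration should ever reach.
ALLOWED_HOSTS = frozenset({"openrouter.ai"})

# A resolver is injected so the check can be unit-tested offline with fake DNS answers.
Resolver = Callable[[str], Iterable[str]]


def _system_resolve(host: str) -> list[str]:
    """Resolve a hostname to all of its A/AAAA addresses via the OS resolver."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_internal_address(ip_text: str) -> bool:
    """True for any address a server-side fetch should never be allowed to reach.

    Covers RFC 1918 space, loopback, link-local (including cloud metadata
    endpoints on 169.254.0.0/16), reserved, multicast and unspecified addresses,
    for both IPv4 and IPv6.
    """
    ip = ipaddress.ip_address(ip_text)
    return (
        ip.is_private
        or ip.is_loopback
        or ip.is_link_local
        or ip.is_reserved
        or ip.is_multicast
        or ip.is_unspecified
    )


def vulnerable_models_url(api_url: str) -> str:
    """The pattern the advisory describes: the caller's apiUrl is trusted verbatim.

    Nothing here rejects a private, loopback or metadata destination.
    """
    return api_url.rstrip("/") + "/models"


def safe_models_url(api_url: str, resolve: Resolver = _system_resolve) -> str:
    """Hardened form: fixed scheme and port, host allowlist, resolved-address check.

    The caller's path is deliberately ignored; only the allowlisted host is
    reused, so the outbound request always targets the intended endpoint.
    Raises ValueError on any policy violation.
    """
    parts = urlsplit(api_url)
    if parts.scheme != "https":
        raise ValueError(f"rejected scheme: {parts.scheme!r}")
    if parts.username or parts.password:
        raise ValueError("credentials embedded in the URL are not allowed")
    host = (parts.hostname or "").lower()
    if host not in ALLOWED_HOSTS:
        raise ValueError(f"host not in allowlist: {host!r}")
    if parts.port not in (None, 443):
        raise ValueError(f"rejected port: {parts.port}")
    # Check every address the name resolves to; a public name that resolves to an
    # internal address (DNS rebinding or a poisoned record) is refused as well.
    for addr in resolve(host):
        if is_internal_address(addr):
            raise ValueError(f"{host} resolves to internal address {addr}")
    return f"https://{host}/api/v1/models"


if __name__ == "__main__":
    # Constructed sample inputs; the fake resolver stands in for DNS so this runs offline.
    fake_dns = lambda host: ["104.18.0.1"]  # constructed public address
    print(safe_models_url("https://openrouter.ai/api/v1", resolve=fake_dns))
    for bad in ("http://openrouter.ai/api/v1", "https://10.0.0.5/api/v1"):
        try:
            safe_models_url(bad, resolve=fake_dns)
        except ValueError as exc:
            print("rejected:", exc)
```

The strongest fix is to not accept `apiUrl` from the client at all and read the upstream base URL from server configuration; the validator above is the fallback for cases where a configurable upstream is genuinely required. Even then, the address check only holds if the HTTP client connects to the address that was validated rather than resolving the name a second time, so production code should pin the resolved address for the actual connection.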
Remediation
Users are advised to upgrade to Bytedesk version 1.4.5.4, which addresses this vulnerability. The update is available as a Docker image or as a downloadable zip file.
