Sonicverse Audio Streaming Stack Server-Side Request Forgery Vulnerability
Vulnerability
A server-side request forgery (SSRF) vulnerability has been identified in the Sonicverse Audio Streaming Stack dashboard. This issue affects installations created with the provided install.sh script, including those using the one-liner bash installer. The vulnerability arises because the dashboard API client accepts user-controlled URLs and forwards them to a server-side HTTP client without adequate validation. An authenticated operator could exploit this to make arbitrary HTTP requests from the dashboard backend to internal or external systems. Depending on the deployment, this could lead to unauthorized access to internal services, interaction with cloud instance metadata endpoints, or bypassing IP-based access controls and network segmentation.
Impact
Exploitation of this vulnerability allows authenticated operators to make arbitrary HTTP requests from the dashboard backend to internal or external systems. This could be used to access internal services not exposed to the internet, interact with cloud instance metadata endpoints, or bypass IP-based access controls and network segmentation.
Remediation
Users are advised to reinstall the Sonicverse Audio Streaming Stack from a fixed commit using the install.sh script. If immediate reinstallation is not possible, the vulnerable feature can be disabled or tightly restricted, and strict firewall and network policies can be enforced to prevent the dashboard backend from reaching internal networks or cloud metadata endpoints. Outbound traffic from the host running the stack can also be limited to only the specific domains that must be contacted.
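The fix the advisory describes, an outbound URL check applied before the dashboard backend forwards any operator-supplied URL to its HTTP client, sketched as an added example that is not Sonicverse's own code. The allowlist, the DNS stub and the function names are assumptions constructed for this example; the guard combines a hostname allowlist with a post-resolution address check so that names pointing at loopback, RFC 1918 or link-local (cloud metadata) space are refused.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical allowlist of hosts the backend may contact (constructed here;
# a real deployment loads it from configuration).
ALLOWED_HOSTS = {"streams.example.com", "cdn.example.com"}
ALLOWED_SCHEMES = {"http", "https"}

# Constructed DNS table (runs offline); cdn.example.com also maps internally.
STUB_DNS = {
    "streams.example.com": {ipaddress.ip_address("93.184.216.34")},
    "cdn.example.com": {ipaddress.ip_address("93.184.216.35"),
                        ipaddress.ip_address("10.0.0.5")},
}

def stub_resolver(host):
    return STUB_DNS[host]

def system_resolver(host):
    """Resolve via the OS, returning every A/AAAA address the name maps to."""
    return {ipaddress.ip_address(i[4][0]) for i in socket.getaddrinfo(host, None)}

def is_public_address(ip):
    """False for loopback, RFC 1918, link-local (covers the 169.254.169.254
    metadata endpoint), multicast, reserved and unspecified addresses."""
    if isinstance(ip, str):
        ip = ipaddress.ip_address(ip)
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)

def validate_outbound_url(url, resolver=system_resolver):
    """Return (ok, reason); the backend must refuse to fetch when ok is False.
    Every resolved address is checked, so a split-horizon name is rejected."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    host = parts.hostname
    if not host or host not in ALLOWED_HOSTS:
        return False, "host not in allowlist"
    try:
        addrs = {ipaddress.ip_address(host)}  # allowlisted IP literal
    except ValueError:
        try:
            addrs = resolver(host)
        except (OSError, KeyError):
            return False, "unresolvable host"
    for ip in addrs:
        if not is_public_address(ip):
            return False, f"resolves to non-public address {ip}"
    return True, "ok"
```

The check must run on the address the HTTP client will actually connect to, so in production pin the resolved address for the request (or disable redirects) rather than letting the client resolve the name a second time.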
