JunoClaw SSRF Vulnerability in WAVS Bridge's computeDataVerify Function
Vulnerability
A server-side request forgery (SSRF) vulnerability has been identified in the JunoClaw AI platform, specifically within the WAVS bridge component, in versions prior to v0.x.y-security-1. The issue arises because the computeDataVerify function passed agent-supplied URLs to fetch() without validating the URL scheme, the port, or the IP address the hostname resolves to. As a result, requests could be directed at cloud metadata services and internal network resources that the agent should never be able to reach.
Impact
Exploitation of this vulnerability could lead to unauthorized access to cloud metadata credentials (such as AWS IAM, GCP service-account tokens, and Azure managed-identity tokens), as well as access to services on localhost and private networks, including unauthenticated Redis services and Elasticsearch.
Reproduction
The issue reproduces on a pre-patch version of JunoClaw by supplying computeDataVerify with a URL whose host is a cloud metadata endpoint, localhost, or a private-network address; because the function performs no validation before calling fetch(), the request is issued as given.
Remediation
Upgrade to JunoClaw version v0.x.y-security-1 or later, where this vulnerability is fixed. Upgrade instructions are available in the JunoClaw repository.
