ChatGPTNextWeb NextChat Server-Side Request Forgery Vulnerability in Artifacts Endpoint

Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in ChatGPTNextWeb NextChat versions through 2.16.1. The issue resides in the Artifacts endpoint, specifically within the storeUrl function of app/api/artifacts/route.ts. An attacker can manipulate the 'id' query parameter to escape the confines of the Cloudflare KV namespace and reach arbitrary Cloudflare API endpoints. This is possible because the unvalidated, user-controlled value is inserted directly into a backend fetch request, and the server automatically appends its privileged 'CLOUDFLARE_KV_API_KEY' token, potentially leading to unauthorized actions on the victim's Cloudflare account.

Impact

Exploitation results in a critical SSRF. Because the request is made with the 'CLOUDFLARE_KV_API_KEY' token without authorization, it can also leak sensitive information from the victim's Cloudflare account.

Reproduction

To reproduce this vulnerability, deploy the affected application version and ensure it is configured to use Cloudflare KV. Then, send a GET request to the '/api/artifacts' endpoint with a crafted 'id' parameter that includes directory traversal sequences to escape the KV namespace and access the Cloudflare API root. The 'CLOUDFLARE_KV_API_KEY' will be included in the request, allowing access to privileged API endpoints.
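One way to validate the 'id' parameter before it reaches the backend fetch, shown in TypeScript because the affected file is route.ts. This is an added example, not NextChat's code or its fix; the function names, the id pattern and the placeholder account and namespace ids are assumptions.

```typescript
// Added example. Names, placeholder ids and the id pattern are assumptions.
const CF_ORIGIN = "https://api.cloudflare.com";
const ACCOUNT_ID = "ACCOUNT_ID_PLACEHOLDER";     // constructed placeholder
const NAMESPACE_ID = "NAMESPACE_ID_PLACEHOLDER"; // constructed placeholder
const KV_PREFIX =
  `/client/v4/accounts/${ACCOUNT_ID}/storage/kv/namespaces/${NAMESPACE_ID}/values/`;

// Assumed shape of a legitimate artifact id: a short opaque token.
const ID_PATTERN = /^[A-Za-z0-9_-]{1,128}$/;

// Unsafe pattern described in the advisory: the raw value is concatenated
// into the path, so the URL parser resolves dot segments before the request.
function naiveKvUrl(id: string): string {
  return new URL(CF_ORIGIN + KV_PREFIX + id).toString();
}

// True only if the final, normalized URL is still a value in this namespace.
function staysInNamespace(raw: string): boolean {
  const u = new URL(raw);
  return u.origin === CF_ORIGIN && u.pathname.startsWith(KV_PREFIX) &&
    u.pathname.length > KV_PREFIX.length && u.search === "" && u.hash === "";
}

// Hardened builder: allowlist the id, encode it as one path segment, then
// re-check the normalized result before any credential is attached.
function safeKvUrl(id: unknown): string | null {
  if (typeof id !== "string" || !ID_PATTERN.test(id)) return null;
  const url = CF_ORIGIN + KV_PREFIX + encodeURIComponent(id);
  return staysInNamespace(url) ? url : null;
}

// Constructed sample inputs.
for (const id of ["a1B2c3", "../../x", "x?y=1", ""]) {
  console.log(JSON.stringify(id), staysInNamespace(naiveKvUrl(id)), safeKvUrl(id));
}
```

The staysInNamespace check can also be run over outbound request URLs in server logs to flag calls that left the expected KV path.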

Added: Apr 27, 2026, 10:21 PM
Updated: Apr 27, 2026, 10:21 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 5.5
remediation: 0.0
relevance: 6.5
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.