<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>New-Api (&lt; 0.12.0-Alpha.1) - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/new-api--0.12.0-alpha.1/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Tue, 07 Jul 2026 13:16:31 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/new-api--0.12.0-alpha.1/feed.xml" rel="self" type="application/rss+xml"/><item><title>New API: SSRF Protection Bypass via Unresolved Hostname in Notification URLs</title><link>https://feed.craftedsignal.io/briefs/2026-07-ssrf-protection-bypass-unresolved-hostname/</link><pubDate>Tue, 07 Jul 2026 13:16:31 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-ssrf-protection-bypass-unresolved-hostname/</guid><description>An SSRF protection bypass vulnerability, CVE-2026-33655, in the QuantumNous new-api, affecting versions prior to v0.12.0-alpha.1, allows authenticated users to send requests to internal HTTP services by configuring notification URLs with unresolved hostnames, leading to potential sensitive internal data exposure through timing, errors, or response-dependent behavior.</description><content:encoded><![CDATA[<p>A significant vulnerability, CVE-2026-33655, has been identified in the QuantumNous <code>new-api</code> application, impacting all versions prior to <code>v0.12.0-alpha.1</code>. This Server-Side Request Forgery (SSRF) protection bypass allows authenticated users to interact with internal HTTP services that would otherwise be inaccessible. The flaw stems from a default configuration where <code>ApplyIPFilterForDomain</code> is disabled, meaning the application fails to resolve hostnames in notification URLs (Webhook, Bark, Gotify) to their IP addresses before applying IP filtering rules. This oversight permits an attacker to specify a hostname that resolves to an internal or metadata IP address, causing the vulnerable server to initiate outbound connections to these sensitive internal targets. This capability can be leveraged for internal network reconnaissance and information disclosure, posing a substantial risk to affected deployments.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li><strong>Initial Access (Authenticated User)</strong>: An attacker gains or compromises a legitimate user account within the vulnerable <code>new-api</code> application, as this vulnerability requires authenticated access to configure notification URLs.</li>
<li><strong>Identify Internal Targets</strong>: The attacker identifies potential internal HTTP services or cloud metadata endpoints accessible from the <code>new-api</code> deployment network through reconnaissance or prior knowledge.</li>
<li><strong>Configure Notification URL</strong>: The authenticated attacker accesses the application's notification settings (e.g., Webhook, Bark, or Gotify) where custom URLs can be specified.</li>
<li><strong>SSRF Payload Insertion</strong>: The attacker crafts a notification URL containing an unresolved hostname (e.g., <code>localhost</code>, <code>169.254.169.254.nip.io</code> or a custom hostname resolving to an internal IP) that points to the identified internal target.</li>
<li><strong>Server Initiates Request</strong>: Upon a triggering event, the <code>new-api</code> application attempts to resolve the provided hostname and initiate an outbound connection for the notification.</li>
<li><strong>IP Filtering Bypass</strong>: Due to the default <code>ApplyIPFilterForDomain: false</code> setting in affected versions, the application does not resolve the hostname to its IP address and compare it against the configured internal/metadata IP blocklist before making the connection.</li>
<li><strong>Internal Network Interaction</strong>: The <code>new-api</code> server proceeds to make a direct network request to the internal IP address or metadata endpoint disguised by the attacker's crafted hostname.</li>
<li><strong>Information Disclosure</strong>: The attacker observes the application's behavior (e.g., timing, error messages, or direct responses) to discover internal network topology, sensitive data, or credentials, potentially leading to further exploitation and unauthorized access.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-33655 allows a regular authenticated user to bypass existing SSRF protections and compel the <code>new-api</code> server to initiate connections to internal HTTP services or cloud metadata APIs. Depending on the target environment, this can lead to significant information disclosure. Attackers can leverage timing analysis, error messages, or direct responses to map internal networks, enumerate services, or exfiltrate sensitive data such as API keys, cloud credentials, or private configuration details. While the advisory does not specify observed victim counts or sectors, any organization using affected <code>new-api</code> versions in an environment with accessible internal HTTP services is at risk of unauthorized data exposure and potential lateral movement.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Immediately upgrade to <code>new-api</code> version <code>v0.12.0-alpha.1</code> or later to address CVE-2026-33655.</li>
<li>If immediate upgrade is not possible, explicitly enable <code>ApplyIPFilterForDomain: true</code> in your <code>new-api</code> configuration to enforce hostname resolution and IP filtering.</li>
<li>Implement an allowlist for domains that can be used in notification URLs, restricting connectivity to only known, legitimate external services.</li>
<li>Disable user-configurable notification URLs within the <code>new-api</code> where practical, limiting the attack surface for this and similar vulnerabilities.</li>
<li>Enforce robust outbound network filtering at the host or network layer, blocking connections from the <code>new-api</code> server to internal IP ranges (e.g., 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.169.254/32) and other unauthorized destinations.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>ssrf</category><category>api</category><category>vulnerability</category><category>bypass</category><category>web-application</category></item></channel></rss>