{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/bigsweetpotatostudio/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7223"}],"_cs_exploited":false,"_cs_products":["HyperChat"],"_cs_severities":["high"],"_cs_tags":["ssrf","vulnerability","webserver"],"_cs_type":"advisory","_cs_vendors":["BigSweetPotatoStudio"],"content_html":"\u003cp\u003eA server-side request forgery (SSRF) vulnerability, tracked as CVE-2026-7223, affects BigSweetPotatoStudio HyperChat up to and including version 2.0.0-alpha.63. The flaw is in the \u0026lsquo;fetch\u0026rsquo; function of the AI Proxy Middleware at \u003ccode\u003epackages/core/src/http/aiProxyMiddleware.mts\u003c/code\u003e: the \u003ccode\u003ebaseurl\u003c/code\u003e argument is used to build the outbound request without validation, so a remote attacker who controls that value can make the server issue HTTP requests to hosts of the attacker\u0026rsquo;s choosing, including internal services that are not reachable from outside. That access can expose sensitive information and bypass controls that assume only the HyperChat host can reach those services. The vulnerability is remotely exploitable and a public exploit is available, which increases the likelihood of opportunistic exploitation. The project maintainers were notified but have not responded; the mitigations below do not depend on a vendor fix.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a reachable HyperChat instance running version 2.0.0-alpha.63 or earlier.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a request to the AI Proxy Middleware in which the \u003ccode\u003ebaseurl\u003c/code\u003e value names a destination of the attacker\u0026rsquo;s choosing: an internal resource (e.g., \u003ccode\u003ehttp://localhost:8080/admin\u003c/code\u003e) or an external server the attacker controls.\u003c/li\u003e\n\u003cli\u003eThe middleware passes the attacker-supplied \u003ccode\u003ebaseurl\u003c/code\u003e to \u003ccode\u003efetch\u003c/code\u003e without checking its scheme, host, or port, and the server issues the request.\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003ebaseurl\u003c/code\u003e points at an internal resource, the server retrieves the response and relays it to the attacker, which reads services that trust requests originating from the HyperChat host.\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003ebaseurl\u003c/code\u003e points at an attacker-controlled server, the attacker captures the outbound request, including any headers or body the proxy attaches, which may carry credentials.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the relayed responses to extract sensitive data or to map further targets on the internal network.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-7223 lets an attacker read data from services reachable only from the HyperChat host, such as configuration data or API keys exposed by internal applications, which can be a stepping stone to full compromise of the host or adjacent systems. The vulnerable server can also be used as a proxy to scan the internal network or to deliver requests to other internal systems. Because an exploit is publicly available, exposed instances running vulnerable HyperChat versions should be treated as likely targets. The CVSS v3.1 base score is 7.3 (high).\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eValidate the \u003ccode\u003ebaseurl\u003c/code\u003e argument in the AI Proxy Middleware before it reaches \u003ccode\u003efetch\u003c/code\u003e: accept only an explicit allowlist of upstream origins (scheme, host, and port), reject values that resolve to loopback, link-local, or private address ranges, and do not follow redirects to hosts outside the allowlist. A blocklist of hostnames is not sufficient, because alternate address encodings and DNS rebinding get around it.\u003c/li\u003e\n\u003cli\u003eSegment the network so that the HyperChat server can reach only the upstream AI providers it needs, and deny its egress to internal management interfaces.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;HyperChat SSRF Attempt\u0026rdquo; to detect exploitation attempts from HTTP request patterns.\u003c/li\u003e\n\u003cli\u003eMonitor egress (firewall or forward-proxy) logs and host network telemetry for outbound connections from the HyperChat server to unexpected destinations, and correlate them with inbound requests whose \u003ccode\u003ebaseurl\u003c/code\u003e value names an internal or unfamiliar host.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-23T12:00:00Z","date_published":"2024-01-23T12:00:00Z","id":"/briefs/2024-01-23-hyperchat-ssrf/","summary":"A server-side request forgery (SSRF) vulnerability exists in BigSweetPotatoStudio HyperChat up to version 2.0.0-alpha.63: a remote attacker can supply the 'baseurl' argument used by the 'fetch' function of the AI Proxy Middleware component and make the server issue arbitrary HTTP requests.","title":"BigSweetPotatoStudio HyperChat AI Proxy Middleware Server-Side Request Forgery","url":"https://feed.craftedsignal.io/briefs/2024-01-23-hyperchat-ssrf/"}],"language":"en","title":"CraftedSignal Threat Feed — BigSweetPotatoStudio","version":"https://jsonfeed.org/version/1.1"}
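The `baseurl` validation that the brief's recommendation calls for, as an added example written for this feed entry and not taken from HyperChat: a Node.js (JavaScript) guard that shows the vulnerable pattern (client-supplied base URL passed straight to the request builder) beside a hardened form that parses the value, refuses non-https schemes, embedded credentials, loopback, link-local, private and IPv4-mapped addresses, and accepts only an allowlisted origin. The allowlisted origins, the function names (`validateBaseUrl`, `buildProxyTarget`, `proxyFetch`) and the sample inputs are assumptions chosen for illustration; the attack-chain value `http://localhost:8080/admin` is the one from the brief.

```javascript
// Added example (not HyperChat's code): an allowlist guard for a user-supplied
// base URL in an AI proxy. The allowed origins, function names and inputs below
// are assumptions chosen for illustration.

// Upstream origins the proxy is permitted to call (assumed for this example).
const ALLOWED_ORIGINS = new Set([
  "https://api.example-provider.com",
  "https://models.example-provider.com:8443",
]);

// Vulnerable pattern: the client-controlled baseurl becomes the request base
// unchanged, so any host the server can reach can be targeted.
function buildUpstreamUrlUnsafe(baseurl, path) {
  return new URL(path, baseurl).href;
}

// Split a dotted-quad IPv4 literal into octets, or return null. URL() already
// normalizes hex, octal and integer forms (0x7f000001, 127.1) to dotted quads,
// so matching this shape is enough for literals that survived parsing.
function parseIPv4(host) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  const octets = m.slice(1).map(Number);
  return octets.every((o) => o <= 255) ? octets : null;
}

// True for destinations that must never be reached on a client's behalf:
// loopback, link-local, RFC 1918, unspecified, and their IPv6 counterparts.
function isForbiddenAddress(host) {
  const h = host.toLowerCase().replace(/^\[|\]$/g, ""); // URL() keeps IPv6 brackets
  if (h === "localhost" || h.endsWith(".localhost")) return true;
  if (h.includes(":")) {
    if (h.startsWith("::ffff:")) {
      // IPv4-mapped IPv6; URL() serializes it as ::ffff:7f00:1, so unpack the hex
      const tail = h.slice(7);
      const hex = /^([0-9a-f]{1,4}):([0-9a-f]{1,4})$/.exec(tail);
      const mapped = hex
        ? [hex[1], hex[2]].flatMap((g) => [parseInt(g, 16) >> 8, parseInt(g, 16) & 0xff]).join(".")
        : tail;
      return isForbiddenAddress(mapped);
    }
    return h === "::" || h === "::1" || /^fe[89ab]/.test(h) || /^f[cd]/.test(h);
  }
  const v4 = parseIPv4(h);
  // A hostname: the caller must resolve it, re-run this check on every resolved
  // address and connect to that address, or DNS rebinding defeats the guard.
  if (!v4) return false;
  const [a, b] = v4;
  return a === 0 || a === 127 || a === 10 ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168);
}

// Hardened form: returns the parsed base URL only when it is https, carries no
// credentials, is not an internal address and its origin is allowlisted.
function validateBaseUrl(baseurl, allowed = ALLOWED_ORIGINS) {
  let u;
  try {
    u = new URL(baseurl);
  } catch {
    throw new Error("baseurl is not an absolute URL");
  }
  if (u.protocol !== "https:") throw new Error("baseurl must use https");
  if (u.username || u.password) throw new Error("credentials in baseurl are not allowed");
  if (isForbiddenAddress(u.hostname)) throw new Error("baseurl targets an internal address");
  if (!allowed.has(u.origin)) throw new Error(`origin ${u.origin} is not allowlisted`);
  return u;
}

// Resolve the proxied path against a validated base and refuse any path that
// escapes that origin (e.g. "//evil.example.net/x" or an absolute URL).
function buildProxyTarget(baseurl, path) {
  const base = validateBaseUrl(baseurl);
  const target = new URL(path, base);
  if (target.origin !== base.origin) throw new Error("path escaped the validated origin");
  return target.href;
}

// Middleware-style wrapper. The fetch implementation is injected so the guard
// can be exercised without network access; redirects are refused so a
// permitted upstream cannot bounce the proxy to a forbidden host.
async function proxyFetch(baseurl, path, init = {}, fetchImpl = globalThis.fetch) {
  return fetchImpl(buildProxyTarget(baseurl, path), { ...init, redirect: "error" });
}

// Helper for checks: true if fn throws.
function rejects(fn) {
  try { fn(); return false; } catch { return true; }
}
```

The check keys on `URL.origin` (scheme, host and port after normalization) rather than on a substring of the raw string, which is what defeats encodings like `0x7f000001` or `127.1`. For hostnames the literal check is necessary but not sufficient: resolve the name, run `isForbiddenAddress` on each resolved address and connect to that address, otherwise a DNS rebinding answer can swap an allowlisted name for an internal one between validation and connection.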