CRITICAL🇵🇱 Wersja polska

CVE-2026-34162

CVSS 10.0v3.1pub. 2026-03-31upd. 2026-04-01

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint (/api/core/app/httpTools/runTool) is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers, and body, then makes a server-side HTTP request and returns the complete response to the caller. This issue has been patched in version 4.14.9.5.

🤖 AI Analysis
How it works

The endpoint accepts user-supplied parameters: baseUrl, toolPath, HTTP method, headers, and request body, then independently executes an HTTP request on the server side and returns the full response to the caller. The lack of authentication mechanism (CWE-306) combined with the proxy function means that an attacker can direct requests to any network resources accessible from the server level (CWE-918). This makes it possible to query internal network infrastructure, cloud services (e.g., instance metadata endpoints), or other resources not directly accessible from the Internet.

Impact

An attacker without any privileges can gain access to sensitive internal network resources, steal credentials from cloud metadata services, and compromise the integrity and confidentiality of internal systems accessible from the FastGPT server.

Mitigation & patch

FastGPT should be updated to version 4.14.9.5, in which the vulnerability has been fixed. The patch is available in the project repository (commit bc7eae2ed61481a5e322208829be291faec58c00) and as an official release v4.14.9.5.

Who is affected

FastGPT (labring/FastGPT) in all versions before 4.14.9.5

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
  • Fastgpt

    APP
    Fastgpt
    < 4.14.9.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-40351CRITICAL9.8PL ✓ten sam produkt

NoSQL Injection w FastGPT umożliwia pominięcie uwierzytelnienia

CVE-2026-33075CRITICAL9.4PL ✓ten sam produkt

FastGPT: RCE i eksfiltracja sekretów przez złośliwy Dockerfile w workflow CI/CD

CVE-2026-40352HIGH8.8ten sam produkt

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulne...

CVE-2026-34163HIGH7.7ten sam produkt

FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, FastGPT's MCP (Model Context Protocol) to...

CVE-2026-40252MEDIUM5.3ten sam produkt

FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability (IDOR/BOLA) ...