A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of significant-gravitas/autogpt versions prior to v0.4.0. The vulnerability arises due to a hostname confusion between the urlparse
function from the urllib.parse
library and the requests
library. A malicious user can exploit this by submitting a specially crafted URL, such as http://localhost:@google.com/../
, to bypass the SSRF check and perform an SSRF attack.
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.