- Description
- AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows SSRF due to DNS Rebinding in requests wrapper. AutoGPT is built with a wrapper around Python's requests library, hardening the application against SSRF. The code for this wrapper can be found in autogpt_platform/backend/backend/util/request.py. The requested hostname of a URL which is being requested is validated, ensuring that it does not resolve to any local ipv4 or ipv6 addresses. However, this check is not sufficient, as a DNS server may initially respond with a non-blocked address, with a TTL of 0. This means that the initial resolution would appear as a non-blocked address. In this case, validate_url() will return the url as successful. After validate_url() has successfully returned the url, the url is then passed to the real request() function. When the real request() function is called with the validated url, request() will once again resolve the address of the hostname, because the record will not have been cached (due to TTL 0). This resolution may be in the "invalid range". This type of attack is called a "DNS Rebinding Attack". This vulnerability is fixed in 0.6.1.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
- security-advisories@github.com
- CWE-918
- Hype score
- Not currently trending
🚨 CVE-2025-31490 🔴 HIGH (7.5) 🏢 Significant-Gravitas - AutoGPT 🏗️ < 0.6.1 🔗 https://t.co/cvZF5Kakc2 🔗 https://t.co/kGqDtdn2IS #CyberCron #VulnAlert #InfoSec https://t.co/lI8ScsU8l0
@cybercronai
16 Apr 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: 2 high #SSRF & exposure of sensitive info to an unauthorized actor in @auto_gpt CVE-2025-31490, CVE-2025-31491 CVSS: 8.6-7.5. An attacker can exploit these vulnerabilities to leak auth headers & private cookies. https://t.co/85P7HRk9IB & https://t.co/wzelvRxq
@CCBalert
15 Apr 2025
202 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:agpt:autogpt:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F1DDA70-0612-49C3-9F7A-A1DEDFDD108D",
"versionEndExcluding": "0.6.1"
}
],
"operator": "OR"
}
]
}
]