Server-side Request Forgery (SSRF)
Crawl4AI is an open-source, LLM-friendly web crawler and scraper.
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the handle_stream_crawl_request process. An attacker can access internal-only services and cloud-metadata endpoints by sending crafted requests to the affected API endpoints, causing the server to fetch and stream responses from arbitrary internal URLs.
How to fix Server-side Request Forgery (SSRF)? Upgrade Crawl4AI to version 0.9.0 or higher.
Symlink Attack
Affected versions of this package are vulnerable to Symlink Attack via the download process. An attacker can overwrite arbitrary files with attacker-controlled content by supplying crafted filenames containing absolute paths or directory traversal sequences, which are then written outside the intended downloads directory. This can lead to execution of malicious code by overwriting files such as shell rc-files, ~/.ssh/authorized_keys, cron entries, or Python modules on the import path. This is only exploitable if the crawler is run with sufficient privileges or in an environment where sensitive paths are writable.
How to fix Symlink Attack? Upgrade Crawl4AI to version 0.9.0 or higher.
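The two controls a download handler needs here are a check that the supplied name is a plain file name that still resolves inside the downloads directory (which catches both traversal sequences and a symlink already planted under a plain name), and an open() that can neither follow a symlink nor overwrite an existing file. The following is an added example written for this page, not Crawl4AI's own download code; the name pattern, the directory layout and the planted symlink scenario are all constructed for the demonstration.

```python
import os
import re
import tempfile

# Plain file names only: must start with an alphanumeric, no path separators,
# bounded length. This pattern is the example's own choice, not a project setting;
# it also rejects dot-files, which is deliberate for a downloads directory.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,199}")


class UnsafeFilename(ValueError):
    """Raised when a name would land outside the downloads directory."""


def safe_download_path(downloads_dir, untrusted_name):
    """Return the absolute path under downloads_dir for an untrusted name.

    Two independent checks: the name must be a plain file name, and the path it
    resolves to (following any symlink already sitting at that name) must still
    have downloads_dir as its parent. Either failure rejects the request rather
    than silently "fixing" the name.
    """
    if SAFE_NAME.fullmatch(untrusted_name) is None:
        raise UnsafeFilename(f"not a plain file name: {untrusted_name!r}")
    root = os.path.realpath(downloads_dir)
    dest = os.path.realpath(os.path.join(root, untrusted_name))
    if os.path.dirname(dest) != root:
        raise UnsafeFilename(f"{untrusted_name!r} resolves outside {root}")
    return dest


def write_download(downloads_dir, untrusted_name, data):
    """Create the file without following a symlink or overwriting anything.

    O_EXCL makes creation fail if any entry (file or symlink, even a dangling
    one) already exists, so nothing is ever overwritten. O_NOFOLLOW, where the
    platform has it, closes the window between the realpath check and the open
    in which a symlink could be planted at that name. Both protect only the
    final path component: the parents of downloads_dir must not be writable by
    anyone untrusted.
    """
    dest = safe_download_path(downloads_dir, untrusted_name)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(dest, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return dest


def demo():
    """Constructed scenario: a downloads dir with a symlink already planted.

    The 'victim' file stands in for something like ~/.ssh/authorized_keys.
    Returns ({name: [outcome per attempt]}, victim_untouched).
    """
    with tempfile.TemporaryDirectory() as tmp:
        downloads = os.path.join(tmp, "downloads")
        os.mkdir(downloads)
        victim = os.path.join(tmp, "authorized_keys")
        with open(victim, "w") as fh:
            fh.write("ssh-ed25519 LEGIT legit@host\n")
        os.symlink(victim, os.path.join(downloads, "planted"))

        attempts = [
            "report.md",            # legitimate name
            "../authorized_keys",   # directory traversal
            "/etc/cron.d/job",      # absolute path
            "..\\..\\x.py",         # Windows-style traversal
            "planted",              # plain name, but a symlink pointing out of the dir
            "report.md",            # second write: must not overwrite the first
        ]
        outcomes = {}
        for name in attempts:
            try:
                write_download(downloads, name, b"ssh-ed25519 ATTACKER attacker@evil\n")
                outcomes.setdefault(name, []).append("written")
            except (UnsafeFilename, OSError) as exc:
                outcomes.setdefault(name, []).append(type(exc).__name__)
        with open(victim) as fh:
            untouched = fh.read().startswith("ssh-ed25519 LEGIT")
        return outcomes, untouched
```

Rejecting rather than sanitising (basename() on "../authorized_keys" would quietly produce "authorized_keys") keeps the failure visible in logs, which is what you want for a request that has no legitimate reason to look like that.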
Arbitrary Code Injection
Affected versions of this package are vulnerable to Arbitrary Code Injection via the browser_config.extra_args parameter in API requests. An attacker can execute arbitrary commands as the container's runtime user by injecting malicious Chromium launch arguments, leading to full read/write access to application data, secrets, environment variables, and potential data exfiltration. This is only exploitable if the Docker API server is left unauthenticated and accessible to attackers.
How to fix Arbitrary Code Injection? Upgrade Crawl4AI to version 0.9.0 or higher.
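Launch arguments are passed to the browser's argv, not through a shell, so quoting or escaping does nothing here: the risk is the meaning of the switches themselves. The robust fix is an allowlist of switch names with a value pattern for each, refusing everything else. Below is an added example of that check, written for this page and not taken from Crawl4AI; the allowlist contents and the sample requests are the example's own. The rejected switches in the sample (`--renderer-cmd-prefix`, `--load-extension`, `--proxy-server`, `--user-data-dir`, `--remote-debugging-port`) are real Chromium switch names chosen as illustrations; the advisory does not say which switches were used.

```python
import re

# Hypothetical allowlist for this example: switch name -> pattern its value must
# fully match, or None for a boolean switch that takes no value. Anything not
# listed is refused. Nothing here is a project setting; tune it per deployment.
ALLOWED_SWITCHES = {
    "--window-size": re.compile(r"\d{2,5},\d{2,5}"),
    "--lang": re.compile(r"[a-z]{2}(?:-[A-Z]{2})?"),
    "--disable-gpu": None,
    "--disable-dev-shm-usage": None,
}


class UnsafeBrowserArg(ValueError):
    """Raised for any launch argument outside the allowlist."""


def validate_extra_args(extra_args):
    """Return a copy of extra_args if every entry is an allowlisted switch.

    A denylist of dangerous switches (those naming a helper binary to run, a
    profile directory, an extension to load, a proxy, or a debugging port) is
    never complete, so unknown switches are rejected rather than known-bad ones.
    The value pattern also stops a value from smuggling a second switch.
    """
    if not isinstance(extra_args, list):
        raise UnsafeBrowserArg("extra_args must be a list")
    for arg in extra_args:
        if not isinstance(arg, str) or not arg.startswith("--") or len(arg) > 256:
            raise UnsafeBrowserArg(f"not a switch: {arg!r}")
        name, sep, value = arg.partition("=")
        if name not in ALLOWED_SWITCHES:
            raise UnsafeBrowserArg(f"switch not allowed: {name}")
        pattern = ALLOWED_SWITCHES[name]
        if pattern is None:
            if sep:
                raise UnsafeBrowserArg(f"{name} takes no value")
        elif not sep or pattern.fullmatch(value) is None:
            raise UnsafeBrowserArg(f"bad value for {name}: {value!r}")
    return list(extra_args)


# Constructed requests: the first two are what a legitimate client might send;
# the rest are shapes a crawler must never accept from a client.
SAMPLE_REQUESTS = {
    "resize": ["--window-size=1280,720", "--disable-gpu"],
    "locale": ["--lang=de-DE"],
    "cmd-prefix": ["--renderer-cmd-prefix=/tmp/run.sh"],
    "extension": ["--load-extension=/tmp/ext"],
    "proxy": ["--proxy-server=http://169.254.169.254:80"],
    "profile": ["--user-data-dir=/root"],
    "value-smuggle": ["--disable-gpu=1 --remote-debugging-port=9222"],
    "bad-value": ["--window-size=1280,720;--remote-debugging-port=9222"],
    "not-a-switch": ["/bin/sh"],
}


def demo():
    """Return {label: 'accepted' | 'rejected'} for SAMPLE_REQUESTS."""
    out = {}
    for label, args in SAMPLE_REQUESTS.items():
        try:
            validate_extra_args(args)
            out[label] = "accepted"
        except UnsafeBrowserArg:
            out[label] = "rejected"
    return out
```

This check is defence in depth, not a substitute for the condition the advisory states: the API server still has to require authentication, because an allowlist only limits what an authenticated caller can do, not who can call.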
Server-side Request Forgery (SSRF)
Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the proxy_config.server parameter in the browser_config or crawler_config objects, as well as related proxy settings in extra_args. An attacker can reach internal services and cloud-metadata endpoints by supplying a proxy address that points at an internal IP: the crawler then opens its connections to that internal host as if it were a proxy, and whatever the host answers is returned to the attacker.
How to fix Server-side Request Forgery (SSRF)? Upgrade Crawl4AI to version 0.8.9 or higher.
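Both SSRF entries on this page (the crawl target passed to handle_stream_crawl_request, and the proxy_config.server address) come down to the same check: before the crawler connects anywhere, resolve the host and require every resulting address to be globally routable. The following is an added example of that check, written for this page and not Crawl4AI's own code. The allowed-scheme sets are assumptions, and the DNS table used by demo() is constructed so the block runs offline; the hostnames and records in it are made up.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical policy values for this example; the project's real settings differ.
ALLOWED_URL_SCHEMES = {"http", "https"}
ALLOWED_PROXY_SCHEMES = {"http", "https", "socks5"}


class UnsafeTarget(ValueError):
    """Raised when a URL or proxy address would reach a non-public host."""


def default_resolver(host):
    """Resolve host to every address it maps to (A and AAAA records)."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return [info[4][0] for info in infos]


def is_public_address(addr):
    """True only for globally routable unicast addresses.

    Rejects loopback, RFC 1918, link-local (which covers the 169.254.169.254
    cloud-metadata endpoint), CGNAT 100.64.0.0/10, multicast, reserved and
    unspecified ranges. IPv4-mapped IPv6 literals such as ::ffff:127.0.0.1 are
    unwrapped first: older Python versions classify them by the IPv6 rules and
    would otherwise let loopback through.
    """
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global and not ip.is_multicast


def addresses_for(host, resolver):
    """Addresses behind host: the literal itself, or whatever DNS returns."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        pass  # not an IP literal (includes odd forms like "2130706433"); ask DNS
    try:
        addrs = resolver(host)
    except OSError as exc:
        raise UnsafeTarget(f"cannot resolve {host!r}: {exc}") from None
    if not addrs:
        raise UnsafeTarget(f"no addresses for {host!r}")
    return addrs


def check_target(url, allowed_schemes, resolver=default_resolver):
    """Validate url; return (host, port, addresses) for a pinned connection.

    Every address the host maps to must be public: one private record among
    several is enough to reject, because the client may connect to any of them.
    """
    parts = urlsplit(url)
    if parts.scheme not in allowed_schemes:
        raise UnsafeTarget(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise UnsafeTarget("missing host")
    try:
        port = parts.port
    except ValueError:
        raise UnsafeTarget("invalid port") from None
    addrs = addresses_for(host, resolver)
    private = [a for a in addrs if not is_public_address(a)]
    if private:
        raise UnsafeTarget(f"{host!r} resolves to non-public address {private[0]}")
    return host, port, addrs


def check_crawl_url(url, resolver=default_resolver):
    return check_target(url, ALLOWED_URL_SCHEMES, resolver)


def check_proxy_server(server, resolver=default_resolver):
    # "10.0.0.5:8080" without a scheme parses as a path, not a host; insist on one.
    if "://" not in server:
        raise UnsafeTarget("proxy server must include a scheme")
    return check_target(server, ALLOWED_PROXY_SCHEMES, resolver)


# Constructed DNS table so the demo runs offline; names and records are made up.
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "rebind.example": ["93.184.216.34", "10.0.0.5"],  # one public record, one internal
    "2130706433": ["127.0.0.1"],                       # glibc parses this form as 127.0.0.1
}


def fake_resolver(host):
    if host in FAKE_DNS:
        return FAKE_DNS[host]
    raise OSError("NXDOMAIN")


def demo():
    """Return {input: 'ok' | 'rejected'} for sample crawl URLs and proxy addresses."""
    cases = [
        (check_crawl_url, "https://example.com/page"),
        (check_crawl_url, "http://169.254.169.254/latest/meta-data/"),
        (check_crawl_url, "http://[::ffff:169.254.169.254]/"),
        (check_crawl_url, "http://[fd00::1]/"),
        (check_crawl_url, "http://2130706433/"),
        (check_crawl_url, "http://rebind.example/"),
        (check_crawl_url, "ftp://example.com/"),
        (check_crawl_url, "http://100.100.100.200/"),
        (check_proxy_server, "http://example.com:3128"),
        (check_proxy_server, "socks5://10.0.0.5:1080"),
        (check_proxy_server, "10.0.0.5:8080"),
    ]
    out = {}
    for check, target in cases:
        try:
            check(target, fake_resolver)
            out[target] = "ok"
        except UnsafeTarget:
            out[target] = "rejected"
    return out
```

Two caveats a practitioner will want: the check has to run on every redirect hop, not just the first URL, and the connection must actually go to the addresses this function returned (connect to the IP and send the original Host header) rather than resolving the name a second time, otherwise a DNS answer that changes between the check and the fetch walks straight past it.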