← Volver a CVEs
CVE-2024-12376
N/ADescripcion
A Server-Side Request Forgery (SSRF) vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows an attacker to access internal server resources and data that are otherwise inaccessible, such as AWS metadata credentials.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado3/20/2025
Ultima modificacion7/31/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
lm-sys:fastchat
Debilidades (CWE)
CWE-918
Referencias
https://huntr.com/bounties/c9cc3f28-ee9f-4d2d-9ee5-8c6455a11892(security@huntr.dev)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.