← Back to CVEs
CVE-2024-12376
N/ADescription
A Server-Side Request Forgery (SSRF) vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows an attacker to access internal server resources and data that are otherwise inaccessible, such as AWS metadata credentials.
CVE Details
CVSS v3.1 ScoreN/A
Published3/20/2025
Last Modified7/31/2025
Sourcenvd
Honeypot Sightings0
Affected Products
lm-sys:fastchat
Weaknesses (CWE)
CWE-918
References
https://huntr.com/bounties/c9cc3f28-ee9f-4d2d-9ee5-8c6455a11892(security@huntr.dev)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.