Skip to main content

AstrBot CVE-2026-15500

| EUVDEUVD-2026-43222 LOW
Server-Side Request Forgery (SSRF) (CWE-918)
2026-07-12 VulDB GHSA-cxgh-3ffg-vj6h
2.1
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
2.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.3 MEDIUM

Authenticated network access required (PR:L); SSRF enables server-initiated reads of internal resources (C:L) with no direct integrity or availability impact on the vulnerable system.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jul 12, 2026 - 12:31 vuln.today
Severity Changed
Jul 12, 2026 - 12:22 NVD
MEDIUM LOW
CVSS changed
Jul 12, 2026 - 12:22 NVD
5.3 (MEDIUM) 2.1 (LOW)

DescriptionCVE.org

A weakness has been identified in AstrBotDevs AstrBot up to 4.25.2. Affected by this vulnerability is the function get_online_plugins of the file astrbot/dashboard/routes/plugin.py of the component market_list Endpoint. Executing a manipulation of the argument custom_registry can lead to server-side request forgery. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Server-side request forgery in AstrBot up to version 4.25.2 allows authenticated remote attackers to cause the server to issue arbitrary HTTP requests by supplying a malicious value for the custom_registry parameter at the market_list plugin marketplace endpoint. The affected function is get_online_plugins in astrbot/dashboard/routes/plugin.py. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to AstrBot dashboard
Delivery
Send crafted GET/POST to market_list endpoint
Exploit
Supply malicious URL in custom_registry parameter
Execution
Server issues HTTP request to attacker-specified target
Impact
Read response from internal service or cloud metadata endpoint

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated session on the AstrBot dashboard (PR:L in the CVSS 4.0 vector), meaning the attacker must possess credentials or a session token for the application. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 2.1 with vector AV:N/AC:L/AT:N/PR:L/UI:N reflects a genuinely low-severity finding despite SSRF being a meaningful vulnerability class. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with authenticated access to the AstrBot dashboard submits a crafted request to the `market_list` endpoint, setting `custom_registry` to an attacker-controlled URL or an internal address such as `http://169.254.169.254/latest/meta-data/`. The AstrBot server fetches that URL from its own network context, returning cloud instance metadata or internal service responses to the attacker. …
Remediation No vendor-released patch has been identified at time of analysis; the vendor did not respond to the coordinated disclosure. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-48957 HIGH POC
7.5 Jun 02

AstrBot versions 3.4.4 through 3.5.12 contain a path traversal vulnerability (CWE-23) in the dashboard feature that allo

CVE-2026-7579 MEDIUM POC
5.5 May 01

Hard-coded credentials in AstrBot Dashboard (versions ≤4.16.0) enable remote unauthenticated attackers to bypass authent

CVE-2026-6118 LOW POC
2.1 Apr 12

Command injection in AstrBot's MCP endpoint handler (add_mcp_server function) allows authenticated remote attackers to e

CVE-2026-15501 LOW POC
2.1 Jul 12

Server-side request forgery in AstrBot's dashboard MCP Test Endpoint allows low-privileged authenticated users to coerce

CVE-2026-10213 LOW POC
2.1 Jun 01

Path traversal in AstrBot 4.23.6 allows authenticated remote attackers to manipulate the Name parameter of the /api/skil

CVE-2026-10210 LOW POC
2.1 Jun 01

Injection in AstrBot 4.23.6 allows authenticated remote attackers to manipulate input through the `_sanitize_prompt_desc

CVE-2026-6117 LOW POC
2.1 Apr 12

AstrBot versions up to 4.22.1 allow authenticated remote attackers to bypass sandbox restrictions via malicious file upl

CVE-2026-10212 LOW POC
2.1 Jun 01

Authorization bypass in AstrBotDevs AstrBot 4.24.2 enables remote low-privilege authenticated attackers to manipulate th

CVE-2026-10211 LOW POC
2.1 Jun 01

Incorrect authorization in AstrBot 4.23.6 allows remote low-privileged attackers to bypass filesystem path restrictions

CVE-2026-8754 LOW POC
2.1 May 17

Path traversal in AstrBot dashboard file upload allows authenticated remote attackers to write files outside intended di

CVE-2026-6119 LOW POC
2.1 Apr 12

Server-side request forgery (SSRF) in AstrBot API endpoint post_data.get allows authenticated remote attackers to perfor

CVE-2026-15499 LOW POC
2.1 Jul 12

Improper authorization in AstrBot's Scheduled Task Handler allows a remote low-privileged user to bypass authorization c

Share

CVE-2026-15500 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy