EUVD-2026-21551CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3Description
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.8.5, Chartbrew allows authenticated users to create API data connections with arbitrary URLs. The server fetches these URLs using request-promise without any IP address validation, enabling Server-Side Request Forgery attacks against internal networks and cloud metadata endpoints. This vulnerability is fixed in 4.8.5.
Analysis
Server-Side Request Forgery in Chartbrew versions prior to 4.8.5 allows authenticated users to create API data connections with arbitrary URLs, enabling attacks against internal networks and cloud metadata endpoints. The vulnerability stems from unvalidated URL fetching via request-promise library, permitting attackers to probe internal infrastructure, access cloud instance metadata (AWS, Azure, GCP), and potentially retrieve sensitive credentials or configuration data. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all Chartbrew deployments and document current versions; restrict network access to Chartbrew instances via firewall rules to trusted sources only. Within 7 days: Implement network segmentation to prevent Chartbrew from reaching internal infrastructure and cloud metadata endpoints (169.254.169.254 for AWS, equivalent for Azure/GCP); review and rotate any credentials accessible from Chartbrew servers. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today