Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-accessible SSRF requiring authenticated low-privilege access; confidentiality-only impact from server-side request forgery, no direct integrity or availability consequence.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A security vulnerability has been detected in aerostackdev aerostack-mcp up to 6315dfde7df0a15aaf743f88d91347115e09ba23. Affected by this issue is the function upload_media of the component mcp-whatsapp. Such manipulation of the argument media_url leads to server-side request forgery. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.
AnalysisAI
Server-side request forgery in aerostackdev aerostack-mcp's mcp-whatsapp component allows authenticated remote attackers to manipulate the media_url argument of the upload_media function, causing the server to issue arbitrary outbound HTTP requests on the attacker's behalf. Affected installations span all commits up to 6315dfde7df0a15aaf743f88d91347115e09ba23 with no vendor patch available and no maintainer response to the disclosure. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to hold at least low-level authenticated access to the aerostack-mcp service (CVSS 4.0 PR:L), meaning valid credentials or a session token capable of invoking the `upload_media` function in the mcp-whatsapp component must be obtained first. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 score of 5.3 (Medium) reflects a network-reachable flaw with low attack complexity but a meaningful constraint: low privileges are required (PR:L), meaning unauthenticated exploitation is not supported by the available scoring data. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained low-privilege access to the aerostack-mcp service submits a crafted `media_url` value such as `http://169.254.169.254/latest/meta-data/iam/security-credentials/` to the `upload_media` endpoint of the mcp-whatsapp component. The server fetches the supplied URL and returns cloud IAM credentials or internal service responses to the attacker, enabling lateral movement or privilege escalation within the hosting environment. … |
| Remediation | No vendor-released patch has been identified at time of analysis; the maintainer has not responded to the coordinated disclosure reported at https://github.com/aerostackdev/aerostack-mcp/issues/3. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42611
GHSA-rx6v-r244-h59w