Key Information Summary

Vulnerability Type: Incorrect Access Control; SSRF (Server-Side Request Forgery)
Affected Versions: rebuild 0.7.7

Vulnerability Description
1. Arbitrary File Read:
- Attackers can read any file on the server by crafting specific requests.
- Example code demonstrates how to read files via the interface.
2. SSRF Vulnerability:
- Attackers can exploit this vulnerability to probe and attack internal networks.
- Example code demonstrates how to perform SSRF attacks via the interface.

Exploitation Method
Arbitrary File Read:
SSRF:

Impact
Sensitive Information Disclosure: Attackers can read sensitive files on the server, such as configuration files and log files.
Internal Network Penetration: Attackers can probe and attack internal networks via the SSRF vulnerability.

Mitigation Recommendations
Strengthen Input Validation: Implement strict validation and filtering of user input to prevent malicious requests.
Restrict File Read Permissions: Allow file reading only within specified directories to prevent arbitrary file access.
Disable or Restrict SSRF Functionality: If SSRF is not required for business operations, disable it; otherwise, enforce strict URL controls to prevent internal network probing.
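The two mitigations above (confining file reads to a fixed directory, and enforcing strict controls on URLs the server is asked to fetch) are shown below as an added, self-contained example. This is illustration code written for this page, not code from the rebuild project; the base directory, the host allowlist, the function names and the fake resolver are all assumptions.

```python
"""Defensive checks for the two issue classes in the advisory.

Added example, not code from the rebuild project. The base directory,
allowlist, resolver and function names are assumptions for illustration.
"""
import ipaddress
import os
import socket
from typing import Callable, Iterable, Optional
from urllib.parse import urlsplit


class AccessDenied(ValueError):
    """Raised when a request falls outside the permitted scope."""


def resolve_within_base(base_dir: str, requested: str) -> str:
    """Return the canonical path of `requested` inside `base_dir`, or raise.

    Mitigates arbitrary file read: the user-supplied name is joined to a
    fixed base directory and the canonical result (symlinks and '..'
    resolved) must still lie under that base.
    """
    base = os.path.realpath(base_dir)
    # Reject absolute paths and NUL bytes outright; os.path.join would
    # otherwise discard `base` when `requested` is absolute.
    if "\x00" in requested or os.path.isabs(requested):
        raise AccessDenied("absolute path or NUL byte in file name")
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath, not startswith: '/srv/files' must not match '/srv/files2'.
    if os.path.commonpath([base, candidate]) != base:
        raise AccessDenied("path escapes the permitted directory")
    return candidate


def file_request_allowed(base_dir: str, requested: str) -> bool:
    """Boolean form of resolve_within_base for call sites and tests."""
    try:
        resolve_within_base(base_dir, requested)
        return True
    except AccessDenied:
        return False


def _is_public_address(addr: str) -> bool:
    """True only for globally routable unicast addresses."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 rules apply.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global is False for loopback, RFC1918, link-local (including the
    # 169.254.0.0/16 cloud metadata range), CGNAT, reserved and unspecified.
    return ip.is_global and not ip.is_multicast


def system_resolver(host: str) -> Iterable[str]:
    """Resolve a host name with the OS resolver (network access required)."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def check_outbound_url(url: str, allowed_hosts: Iterable[str],
                       resolver: Optional[Callable[[str], Iterable[str]]] = None) -> str:
    """Validate a user-supplied URL before the server fetches it.

    Mitigates SSRF: only http(s), no embedded credentials, only hosts on an
    explicit allowlist, and never a literal or resolved address that is
    loopback, private, link-local or otherwise non-global.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise AccessDenied(f"scheme not permitted: {parts.scheme!r}")
    host = parts.hostname  # lower-cased, brackets stripped, userinfo removed
    if not host:
        raise AccessDenied("URL has no host")
    if parts.username is not None or parts.password is not None:
        raise AccessDenied("credentials in URL are not permitted")
    if host not in {h.lower() for h in allowed_hosts}:
        raise AccessDenied(f"host not on allowlist: {host!r}")
    # An IP literal on the allowlist must itself be public; a host name is
    # checked through every address the supplied resolver returns.
    try:
        ipaddress.ip_address(host)
        addresses = [host]
    except ValueError:
        addresses = list(resolver(host)) if resolver else []
    for addr in addresses:
        if not _is_public_address(addr):
            raise AccessDenied(f"{host!r} maps to non-public address {addr}")
    return parts.geturl()


def url_request_allowed(url: str, allowed_hosts: Iterable[str],
                        resolver: Optional[Callable[[str], Iterable[str]]] = None) -> bool:
    """Boolean form of check_outbound_url for call sites and tests."""
    try:
        check_outbound_url(url, allowed_hosts, resolver)
        return True
    except AccessDenied:
        return False
```

Two design points matter in practice. For the file check, the comparison is done on canonical paths with `os.path.commonpath`, so `..` segments, symlinks inside the base directory and prefix look-alikes (`/srv/files2`) are all caught by the same test. For the URL check, validating the resolved address is only meaningful if the HTTP client then connects to that same address; a fetch that re-resolves the name is exposed to DNS rebinding, so in production pin the validated address (or route outbound fetches through an egress proxy that applies the same policy) rather than handing the raw URL to a client that resolves it again.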