Sonarverse Audiostreaming Stack SSRF Vulnerability Analysis

Sonarverse Audiostreaming Stack SSRF Vulnerability Summary Vulnerability Overview Vulnerability Name: Server-Side Request Forgery via user-controlled URLs in dashboard API client Severity: Critical / CVSS v3 9.9 Description: An SSRF vulnerability exists in the dashboard API client of the Sonarverse Radio Audio Streaming Stack. Instances created using the provided script (including the one-liner bash command) are affected. In these deployments, the dashboard accepts user-controlled URLs and passes them directly to the server-side HTTP client without sufficient validation. Impact: Authenticated operators can leverage this functionality to initiate arbitrary HTTP requests from the dashboard backend to internal or external systems. Access to internal services not exposed to the internet (e.g., metadata APIs or administration panels). Interaction with cloud instance metadata endpoints. Bypassing IP-based access controls and network segmentation. Scope of Impact Affected Versions: Instances created using prior to commit . Fixed Versions: Instances created from commit or later. Remediation Official Fix: Validate and restrict target URLs before they are used by the server-side HTTP client. Restrict requests to a strict allowlist of URLs or paths. Remove the ability for user input to control the complete URL. Recommendation: It is strongly recommended to reinstall from the fixed commit. Workarounds: Disable or strictly limit features that allow users to submit or influence target URLs within the dashboard. Implement strict firewall and network policies to prevent the dashboard backend from accessing the internal network or cloud metadata endpoints. Restrict outbound traffic from the host running the stack, allowing it to contact only specific domains (e.g., analytics and telemetry endpoints). Note: These mitigations do not fully resolve the underlying SSRF vulnerability.

Goal Reached Thanks to every supporter — we hit 100%!

Sonarverse Audiostreaming Stack SSRF Vulnerability Analysis

More from this source