CVE-2026-7150
Deferred Deferred - Pending Action
Server-Side Request Forgery in MCP Tool auto_favicon Component

Publication date: 2026-04-27

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generate_favicon_from_url of the file src/auto_favicon/server.py of the component MCP Tool. The manipulation of the argument image_url results in server-side request forgery. The attack may be performed from remote. The exploit has been made public and could be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-27
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7150
EUVD
EUVD-2026-25912
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
dh1011 auto_favicon to f189116a9259950c2393f114dbcb94dde0ad864b (inc)
dh1011 auto-favicon to f189116a9259950c2393f114dbcb94dde0ad864b (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-7150 is a Server-Side Request Forgery (SSRF) vulnerability found in the MCP Tool component of the auto-favicon project, specifically in the function generate_favicon_from_url located in src/auto_favicon/server.py.

The vulnerability occurs because the function does not validate the image_url argument. It lacks any allowlist, does not reject private or loopback IP addresses, does not filter redirect targets, and does not restrict URL schemes.

This allows an attacker to supply arbitrary URLs, causing the server to fetch resources from internal network addresses such as loopback (127.0.0.1), private IPs, link-local addresses, or cloud metadata endpoints.

The server performs an HTTP GET request asynchronously to the provided URL without validation and processes the fetched bytes as a favicon image, integrating this network fetch into normal business logic.

This direct use of unvalidated URLs constitutes a straightforward SSRF vulnerability that can be exploited remotely.

Compliance Impact

The vulnerability allows an attacker to perform server-side request forgery (SSRF), potentially exposing internal HTTP services, admin panels, and cloud metadata endpoints. This exposure can lead to unauthorized access to sensitive information, which may impact confidentiality.

Such unauthorized access and potential data exposure could negatively affect compliance with standards and regulations that require protection of sensitive data, such as GDPR and HIPAA, by increasing the risk of data breaches or unauthorized data disclosure.

Mitigations include strict URL validation, blocking requests to internal IP ranges, and restricting allowed URL schemes, which are necessary to reduce the risk and help maintain compliance with these regulations.

Impact Analysis

This vulnerability can have a high impact on confidentiality because it allows attackers to access internal HTTP services, admin panels, and cloud metadata endpoints that are normally protected from external access.

The integrity and availability impacts are considered low to medium, depending on how the internal services respond when accessed by the attacker.

An attacker who can invoke the vulnerable function and whose server can reach internal network destinations can exploit this to gather sensitive information or potentially interfere with internal services.

Detection Guidance

This vulnerability can be detected by monitoring for unusual or unauthorized requests made by the auto-favicon MCP tool to internal or private IP addresses, such as loopback (127.0.0.1), RFC1918 private IPs, link-local addresses, or cloud metadata endpoints.

Detection can involve inspecting logs or network traffic for HTTP GET requests initiated by the server to these internal addresses, especially those triggered by the generate_favicon_from_url function.

Suggested commands to help detect exploitation attempts include:

  • Using network monitoring tools like tcpdump or Wireshark to capture outgoing HTTP requests from the server to internal IP ranges.
  • Example tcpdump command to monitor HTTP requests to private IP ranges: tcpdump -i <interface> 'dst net 127.0.0.0/8 or dst net 10.0.0.0/8 or dst net 172.16.0.0/12 or dst net 192.168.0.0/16 and tcp port 80'
  • Checking application logs for JSON-RPC requests invoking generate_favicon_from_url with suspicious image_url parameters pointing to internal or private IP addresses.
  • Using curl or similar tools to test the endpoint manually with crafted requests to see if the server fetches internal URLs, e.g.: curl -X POST -d '{"method":"generate_favicon_from_url","params":{"image_url":"http://127.0.0.1:8000/internal.png"}}' <server_endpoint>
Mitigation Strategies

Immediate mitigation steps include implementing strict URL validation before the server issues any network requests in the generate_favicon_from_url function.

  • Block requests to loopback, RFC1918 private IP ranges, link-local, multicast, and cloud metadata IP addresses after DNS resolution.
  • Restrict allowed URL schemes to HTTPS and enforce a trusted host allowlist.
  • Validate all redirect targets to prevent bypassing restrictions via HTTP redirects.
  • Disable the URL-based favicon generation tool when exposed to untrusted callers or networks.

These mitigations reduce the risk of server-side request forgery by preventing the server from fetching unauthorized internal resources.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7150. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart