CVE-2026-15500
Received Received - Intake

Server-Side Request Forgery in AstrBot via custom_registry Parameter

Vulnerability report for CVE-2026-15500, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-12

Last updated on: 2026-07-12

Assigner: VulDB

Description

A weakness has been identified in AstrBotDevs AstrBot up to 4.25.2. Affected by this vulnerability is the function get_online_plugins of the file astrbot/dashboard/routes/plugin.py of the component market_list Endpoint. Executing a manipulation of the argument custom_registry can lead to server-side request forgery. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-12
Last Modified
2026-07-12
Generated
2026-07-12
AI Q&A
2026-07-12
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
astrbotdevs astrbot to 4.25.2 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-15500 is an authenticated Server-Side Request Forgery (SSRF) vulnerability in the AstrBot plugin market's custom registry handling. It occurs in the get_online_plugins function of the market_list endpoint, where an authenticated user can manipulate the custom_registry URL parameter.

The backend processes this untrusted input directly, making outbound HTTP requests to the specified URL and a related MD5 endpoint without proper validation. This allows an attacker to coerce the AstrBot server into making requests to internal or loopback services.

This flaw enables low-privileged users to access sensitive internal services such as administrative interfaces, cloud metadata endpoints, or internal APIs. The vulnerability affects AstrBot versions up to 4.25.2 and has been patched in later releases.

Compliance Impact

The vulnerability allows low-privileged authenticated users to perform server-side request forgery (SSRF), potentially accessing internal services such as administrative interfaces, cloud metadata endpoints, or internal APIs. This exposure of sensitive internal resources could lead to unauthorized access or data leakage.

Such unauthorized access or data exposure may impact compliance with standards and regulations like GDPR or HIPAA, which require protection of sensitive data and internal systems from unauthorized access. However, the provided information does not explicitly detail the compliance impact or specific regulatory consequences.

Impact Analysis

This vulnerability can allow an attacker with low privileges to make the AstrBot server perform unauthorized requests to internal or sensitive services that are normally inaccessible externally.

  • Exposure of sensitive internal services such as administrative interfaces.
  • Access to cloud metadata endpoints which may contain sensitive information.
  • Potential access to internal APIs that could lead to further exploitation or data leakage.

Overall, this can lead to information disclosure and potentially facilitate further attacks within the internal network.

Detection Guidance

This vulnerability can be detected by monitoring and analyzing requests to the /api/plugin/market_list endpoint, specifically looking for the presence of the custom_registry parameter being manipulated.

Since the vulnerability involves the server making outbound HTTP requests to attacker-controlled URLs, you can detect exploitation attempts by inspecting outbound HTTP traffic from the AstrBot server to unusual or internal IP addresses or URLs.

Commands to help detect this include using network monitoring tools or command-line utilities to capture and analyze HTTP requests and responses.

  • Use tcpdump or tshark to capture HTTP traffic on the server: tcpdump -i eth0 -A 'tcp port 80 or tcp port 443'
  • Use grep or similar tools to search server logs for requests containing the custom_registry parameter: grep 'custom_registry' /path/to/astrbot/logs/access.log
  • Monitor outbound HTTP requests from the server to internal or unusual IP addresses using tools like netstat or lsof: netstat -anp | grep ESTABLISHED
  • Use application-level logging or debugging to trace calls to the get_online_plugins function or the /api/plugin/market_list endpoint.
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint and limiting the ability of low-privileged users to supply arbitrary URLs via the custom_registry parameter.

You should also implement input validation and sanitization on the custom_registry parameter to prevent the server from making requests to internal or unauthorized destinations.

If possible, apply the patch or upgrade AstrBot to a version later than 4.25.2 where this vulnerability has been fixed.

Additionally, consider network-level controls such as firewall rules to block outbound HTTP requests from the AstrBot server to internal IP ranges or sensitive services.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-15500. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart