Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary...

8.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Server-Side Request Forgery (SSRF) vulnerability in Open WebUI allows any authenticated user to force the server to make HTTP requests to arbitrary URLs. This can be exploited to access cloud metadata endpoints (AWS/GCP/Azure), scan internal networks, access internal services behind firewalls, and exfiltrate sensitive information. No special permissions beyond basic authentication are required. This vulnerability is fixed in 0.6.37.

AI Analysis

Server-Side Request Forgery (SSRF) vulnerability allowing authenticated users to force the server to make arbitrary HTTP requests

Basic Information

ID CVE-2025-65958

Source GitHub_M

Published Dec 4, 2025 at 19:55

Affected Product

Vendor open-webui

Product open-webui

Version < 0.6.37

Affected Versions open-webui open-webui < 0.6.37

CWE Classification

CWE-918

AI Assessment

AI Score 8.5 / 10

AI Severity High

Vendor Open WebUI

Product Open WebUI

Version < 0.6.37

References

{
    "lastseen": "",
    "description": "Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Server-Side Request Forgery (SSRF) vulnerability in Open WebUI allows any authenticated user to force the server to make HTTP requests to arbitrary URLs. This can be exploited to access cloud metadata endpoints (AWS/GCP/Azure), scan internal networks, access internal services behind firewalls, and exfiltrate sensitive information. No special permissions beyond basic authentication are required. This vulnerability is fixed in 0.6.37.",
    "published": "2025-12-04T19:55:13.228Z",
    "modified": "2025-12-04T19:55:13.228Z",
    "type": "cve",
    "title": "Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web",
    "source": "GitHub_M",
    "references": "https://github.com/open-webui/open-webui/security/advisories/GHSA-c6xv-rcvw-v685\nhttps://github.com/open-webui/open-webui/commit/02238d3113e966c353fce18f1b65117380896774",
    "id": "CVE-2025-65958",
    "bulletinFamily": "",
    "cwe": [
        "CWE-918"
    ],
    "cvelist": null,
    "sourceData": "open-webui open-webui < 0.6.37",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "open-webui",
    "version": "< 0.6.37",
    "vendor": "open-webui",
    "ai_description": "Server-Side Request Forgery (SSRF) vulnerability allowing authenticated users to force the server to make arbitrary HTTP requests",
    "ai_severity": "High",
    "ai_vendor": "Open WebUI",
    "ai_product": "Open WebUI",
    "ai_version": "< 0.6.37",
    "ai_score": 8.5
}

Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web_CVE-2025-65958