
CVE-2025-64709: CWE-918: Server-Side Request Forgery (SSRF) in baptisteArno typebot.io

Severity: Critical
Tags: Vulnerability, CVE-2025-64709, CWE-918
Published: Thu Nov 13 2025 (11/13/2025, 19:42:42 UTC)
Source: CVE Database V5
Vendor/Project: baptisteArno
Product: typebot.io

Description

Typebot is an open-source chatbot builder. In versions prior to 3.13.1, a Server-Side Request Forgery (SSRF) vulnerability in the Typebot webhook block (HTTP Request component) functionality allows authenticated users to make arbitrary HTTP requests from the server, including access to AWS Instance Metadata Service (IMDS). By bypassing IMDSv2 protection through custom header injection, attackers can extract temporary AWS IAM credentials for the EKS node role, leading to complete compromise of the Kubernetes cluster and associated AWS infrastructure. Version 3.13.1 fixes the issue.

AI-Powered Analysis

Last updated: 11/13/2025, 20:05:23 UTC

Technical Analysis

CVE-2025-64709 is a Server-Side Request Forgery (SSRF) vulnerability (CWE-918) in Typebot, the open-source chatbot builder maintained under the baptisteArno project. It affects the HTTP Request component of the webhook block in versions prior to 3.13.1. An authenticated user can configure that block so that the Typebot server issues HTTP requests to destinations of the user's choosing, including the AWS Instance Metadata Service (IMDS) at 169.254.169.254, which hands out temporary IAM credentials for the instance's role. IMDSv2 is often treated as an SSRF mitigation because it requires a session token, but the token is obtained with a PUT to /latest/api/token carrying an X-aws-ec2-metadata-token-ttl-seconds header and is then presented in an X-aws-ec2-metadata-token header on each metadata request. A request builder that lets the user set headers (and issue the PUT the token requires) can therefore complete the IMDSv2 handshake itself; this is what the advisory describes as bypassing IMDSv2 through custom header injection. When Typebot runs on an EKS worker node that still exposes IMDS to pods, the credentials returned belong to the EKS node role. Those credentials authenticate to the cluster's Kubernetes API as the node identity and carry whatever AWS permissions the node role holds, so an attacker can pivot from a chatbot account to the cluster and the surrounding AWS account; data exfiltration, lateral movement and persistence in the cloud environment all follow. The vulnerability has a CVSS 3.1 base score of 9.6 (critical), consistent with network reachability, low attack complexity, low privileges required, no user interaction, a changed scope and high confidentiality and integrity impact. No exploitation in the wild had been reported at the time of analysis, but the consequence of node-credential theft justifies treating the upgrade as urgent. Typebot 3.13.1 fixes the issue by validating and restricting the destinations the webhook block is allowed to request.
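The handshake described above, modelled in-process as an added example (this is not Typebot or AWS code): a fake IMDS that enforces the IMDSv2 token rule and the PUT-response hop limit, an attacker routine that drives an SSRF primitive with method and header control through the handshake, and a GET-only primitive for contrast. The role name, token format, credential document, the hop counts (0 for a process in the node's network namespace, 1 for a pod with its own) and the hop limit of 2 on the vulnerable node are all constructed assumptions.

```javascript
// Added example (not Typebot or AWS code): an in-process model of the EC2
// Instance Metadata Service showing why IMDSv2 alone does not stop an SSRF
// primitive that controls the HTTP method and headers, and why
// HttpPutResponseHopLimit=1 does. Role name, token format and credential
// document are constructed placeholders.

const ROLE_NAME = "eks-node-role-example"; // assumed role name
const FAKE_CREDENTIALS = JSON.stringify({  // constructed credential document
  AccessKeyId: "AKIAEXAMPLE", SecretAccessKey: "<redacted>", Token: "<session-token>",
});

const lowerKeys = (h) =>
  Object.fromEntries(Object.entries(h).map(([k, v]) => [k.toLowerCase(), v]));

class FakeImds {
  /** @param {number} hopLimit value of HttpPutResponseHopLimit on the instance */
  constructor(hopLimit) { this.hopLimit = hopLimit; this.tokens = new Set(); }

  /**
   * `hops` is the number of IP hops between caller and IMDS: 0 for a process in
   * the node's network namespace, 1 for a pod with its own namespace. IMDS sends
   * the PUT (token) response with IP TTL = hopLimit, so it never reaches a caller
   * that is hopLimit or more hops away. GET responses are not limited this way.
   */
  handle({ method, path, headers }, hops) {
    const h = lowerKeys(headers);
    if (method === "PUT" && path === "/latest/api/token") {
      const ttl = Number(h["x-aws-ec2-metadata-token-ttl-seconds"]);
      if (!Number.isInteger(ttl) || ttl < 1 || ttl > 21600) return { status: 400, body: "" };
      if (hops >= this.hopLimit) return { status: 0, body: "" }; // no response arrives (timeout)
      const token = `tok-${this.tokens.size + 1}`;
      this.tokens.add(token);
      return { status: 200, body: token };
    }
    if (method === "GET") {
      // With IMDSv2 required, every GET without a valid session token is refused.
      const tok = h["x-aws-ec2-metadata-token"];
      if (!tok || !this.tokens.has(tok)) return { status: 401, body: "" };
      if (path === "/latest/meta-data/iam/security-credentials/") return { status: 200, body: ROLE_NAME };
      if (path === `/latest/meta-data/iam/security-credentials/${ROLE_NAME}`) return { status: 200, body: FAKE_CREDENTIALS };
      return { status: 404, body: "" };
    }
    return { status: 405, body: "" };
  }
}

// What an attacker does with a request builder that exposes method and headers.
// `send` stands for "the server issues exactly the request I configured".
function stealNodeCredentials(send) {
  const tok = send({ method: "PUT", path: "/latest/api/token",
                     headers: { "X-aws-ec2-metadata-token-ttl-seconds": "21600" } });
  if (tok.status !== 200) return null;
  const auth = { "X-aws-ec2-metadata-token": tok.body };
  const role = send({ method: "GET", path: "/latest/meta-data/iam/security-credentials/", headers: auth });
  if (role.status !== 200) return null;
  const creds = send({ method: "GET", path: `/latest/meta-data/iam/security-credentials/${role.body}`, headers: auth });
  return creds.status === 200 ? creds.body : null;
}

// A GET-only SSRF with no header control, for contrast: IMDSv2 does stop this one.
function getOnlyProbe(send) {
  return send({ method: "GET", path: "/latest/meta-data/iam/security-credentials/", headers: {} }).status;
}

function scenario(hopLimit, hops) {
  const imds = new FakeImds(hopLimit);
  const send = (req) => imds.handle(req, hops);
  return { fullControl: stealNodeCredentials(send), getOnly: getOnlyProbe(send) };
}

// Vulnerable setup: hop limit 2 (assumed for the affected nodes), Typebot running as a pod.
console.log("hop limit 2, pod:", scenario(2, 1));
// Hardened node: hop limit 1 keeps the token, and with it the credentials, away from pods.
console.log("hop limit 1, pod:", scenario(1, 1));
```

The contrast is the point for the mitigation list: IMDSv2 closes the door on a GET-only SSRF (the probe gets 401), while a primitive with method and header control walks straight through it, and only the hop limit, a network policy, or removing the node role's value (IRSA or Pod Identity for workloads) changes the outcome. A process in the host network namespace (hops 0) still obtains the token under a hop limit of 1, which is why hostNetwork pods need separate attention.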

Potential Impact

For European organizations running Typebot on AWS, and on EKS in particular, this vulnerability is severe because its payoff is not the chatbot but the cloud account behind it. Node-role credentials expose the Kubernetes cluster and any AWS service the role can reach: confidentiality is lost through access to secrets, data stores and further credentials, integrity through the ability to alter workloads or configuration, and availability if the attacker disrupts services or schedules workloads of their own. Stolen IAM credentials also work from outside the cluster, so lateral movement across the AWS account does not depend on keeping a foothold in Typebot. Organizations in regulated sectors (finance, healthcare, government) face regulatory consequences, including breach-notification duties, and reputational damage if exploited. The authentication requirement limits the pool of attackers to holders of a Typebot account, but a single compromised or malicious account suffices, and because no user interaction is needed the whole chain can be scripted once that access exists. For enterprises on vulnerable versions the flaw therefore threatens cloud security posture and operational continuity, not just the chatbot service.

Mitigation Recommendations

1. Upgrade Typebot deployments to version 3.13.1 or later; this is the only fix for the bug itself.
2. Until the upgrade is done, limit who can create or edit bots that use the webhook block (HTTP Request) to trusted users, and review existing bots for blocks that target 169.254.169.254, other link-local addresses or private ranges.
3. Stop pods from reaching IMDS. On EKS, set HttpPutResponseHopLimit to 1 in the node launch template (the IMDSv2 token response then cannot cross from the node into a pod's network namespace), or block 169.254.169.254 with a Kubernetes NetworkPolicy or the VPC CNI's network policy support. Give workloads that legitimately need AWS access their own identity through IAM Roles for Service Accounts (IRSA) or EKS Pod Identity rather than the node role.
4. Reduce the blast radius of the node role: keep it to the managed policies the node needs and never attach application permissions to it.
5. Monitor for abuse. IMDS traffic is not recorded in VPC Flow Logs, so instrument at the application or proxy layer (egress proxy logs, Typebot request logs) for requests from Typebot to 169.254.169.254, and watch CloudTrail and GuardDuty for node-role credentials used from unexpected sources (the UnauthorizedAccess:IAMUser/InstanceCredentialExfiltration.* findings).
6. Requiring IMDSv2 (HttpTokens=required) on its own does not stop this class of SSRF, because the request builder lets the attacker supply the token headers; it remains worthwhile against simpler SSRF primitives and should be combined with the hop limit in item 3.
7. Include internal SSRF vectors, especially webhook and "HTTP Request" features, in penetration tests and code review, with test cases for the metadata endpoints and for alternative encodings of their addresses (decimal, octal and IPv4-mapped IPv6 forms).
8. Train developers and administrators on SSRF: allowlist destination schemes and hosts, check the resolved address rather than the hostname, re-validate on every redirect, and never forward user-supplied headers to internal endpoints.
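An outbound-request guard of the kind the patched version needs, written here as an added example in JavaScript (Typebot's actual fix is not reproduced): it allowlists http and https, refuses the IMDSv2 headers, resolves the hostname through an injectable resolver, and rejects any destination in loopback, link-local (169.254.169.254 and the IPv6 IMDS address fd00:ec2::254 included), private, shared, ULA, multicast or unspecified space, including the numeric and IPv4-mapped spellings a string match on "169.254.169.254" would miss. The hostnames and addresses in the demo resolver are constructed.

```javascript
// Added example (not Typebot's fix): an egress guard for a server-side "HTTP
// Request" feature. It allowlists http/https, refuses the IMDSv2 headers and
// rejects destinations whose resolved address is loopback, link-local (IMDS),
// private, shared, ULA, multicast or unspecified. `resolve` is injected so the
// demo runs offline; production code must connect to the address it checked.

function parseIPv4(s) {
  const parts = s.split(".");
  if (parts.length !== 4) return null;
  const bytes = parts.map((p) => (/^\d{1,3}$/.test(p) ? Number(p) : -1));
  return bytes.every((b) => b >= 0 && b <= 255) ? bytes : null;
}

// 16 address bytes of an IPv6 literal (without brackets), or null if malformed.
function parseIPv6(s) {
  const dc = s.indexOf("::");
  const head = dc === -1 ? s : s.slice(0, dc);
  const tail = dc === -1 ? "" : s.slice(dc + 2);
  if (tail.indexOf("::") !== -1) return null;
  const hextets = (part) => {
    if (part === "") return [];
    const out = [];
    for (const g of part.split(":")) {
      const v4 = parseIPv4(g); // trailing dotted-quad form, e.g. ::ffff:1.2.3.4
      if (v4) { out.push((v4[0] << 8) | v4[1], (v4[2] << 8) | v4[3]); continue; }
      if (!/^[0-9a-fA-F]{1,4}$/.test(g)) return null;
      out.push(parseInt(g, 16));
    }
    return out;
  };
  const h = hextets(head), t = hextets(tail);
  if (!h || !t || h.length + t.length > 8 || (dc === -1 && h.length !== 8)) return null;
  const groups = [...h, ...new Array(8 - h.length - t.length).fill(0), ...t];
  const bytes = [];
  for (const g of groups) bytes.push(g >> 8, g & 0xff);
  return bytes;
}

function isBlockedV4(v) {
  const [a, b] = v;
  return a === 0 || a === 10 || a === 127 ||
    (a === 169 && b === 254) ||            // link-local, incl. 169.254.169.254
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168) ||
    (a === 100 && b >= 64 && b <= 127) ||  // 100.64.0.0/10 shared address space
    a >= 224;                               // multicast and reserved
}

function isBlockedIp(ip) {
  const v4 = parseIPv4(ip);
  if (v4) return isBlockedV4(v4);
  const v6 = parseIPv6(ip);
  if (!v6) return true;                                                  // fail closed
  if (v6.slice(0, 10).every((b) => b === 0) && v6[10] === 0xff && v6[11] === 0xff)
    return isBlockedV4(v6.slice(12));                                    // ::ffff:a.b.c.d
  if (v6.slice(0, 15).every((b) => b === 0) && v6[15] <= 1) return true; // :: and ::1
  if (v6[0] === 0xfe && (v6[1] & 0xc0) === 0x80) return true;            // fe80::/10
  if ((v6[0] & 0xfe) === 0xfc) return true;                              // fc00::/7, incl. fd00:ec2::254
  return v6[0] === 0xff;                                                 // ff00::/8 multicast
}

const BLOCKED_HEADERS = new Set(["x-aws-ec2-metadata-token", "x-aws-ec2-metadata-token-ttl-seconds"]);

// req: { url, headers } as configured by the user; resolve: hostname -> [ip, ...].
// Returns { ok: false, reason } or { ok: true, pinnedIp } with the address to connect to.
function checkOutbound(req, resolve) {
  let u;
  try { u = new URL(req.url); } catch { return { ok: false, reason: "malformed URL" }; }
  if (u.protocol !== "http:" && u.protocol !== "https:") return { ok: false, reason: `scheme ${u.protocol} not allowed` };
  for (const name of Object.keys(req.headers || {})) {
    if (BLOCKED_HEADERS.has(name.toLowerCase())) return { ok: false, reason: `header ${name} not allowed` };
  }
  // WHATWG URL parsing canonicalises "2852039166" and "0251.0376.0251.0376" to
  // 169.254.169.254 and brackets IPv6 literals, so only canonical forms get here.
  const host = u.hostname.startsWith("[") ? u.hostname.slice(1, -1) : u.hostname;
  const addrs = (parseIPv4(host) || parseIPv6(host)) ? [host] : resolve(host);
  if (addrs.length === 0) return { ok: false, reason: `cannot resolve ${host}` };
  const bad = addrs.find(isBlockedIp);
  if (bad !== undefined) return { ok: false, reason: `${host} resolves to blocked address ${bad}` };
  // Connect to pinnedIp and send `host` as Host/SNI so the client cannot re-resolve
  // to a rebound address; run this check again on every redirect.
  return { ok: true, pinnedIp: addrs[0] };
}

// Constructed resolver standing in for DNS.
const demoDns = (hostname) => ({
  "api.example.com": ["93.184.216.34"],
  "metadata.rebind.example": ["169.254.169.254"],
}[hostname] || []);

for (const url of ["https://api.example.com/hook", "http://169.254.169.254/latest/api/token",
                   "http://2852039166/", "http://[::ffff:169.254.169.254]/",
                   "http://[fd00:ec2::254]/", "http://metadata.rebind.example/", "file:///etc/passwd"]) {
  console.log(url, "->", checkOutbound({ url, headers: {} }, demoDns));
}
```

The guard deliberately checks the resolved address and returns it as pinnedIp: a hostname allowlist alone is defeated by DNS rebinding, and a check that resolves once while the HTTP client resolves again is the classic time-of-check/time-of-use gap. Redirects need the same treatment, since a public host can 302 to the metadata address.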


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2025-11-10T14:07:42.921Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 691636876c6480bc3217c441

Added to database: 11/13/2025, 7:50:31 PM

Last enriched: 11/13/2025, 8:05:23 PM

Last updated: 11/14/2025, 6:21:20 AM
