Frigate is an open-source network video recorder (NVR) software designed for real-time local object detection on IP cameras. Versions prior to 0.16.3 contain a Server-Side Request Forgery (SSRF) vulnerability identified as CVE-2026-33126 (CWE-918). The vulnerability resides in the /ffprobe endpoint, which accepts URLs as input parameters to probe media streams. Due to insufficient validation of these URLs, an attacker with at least low-level privileges can supply arbitrary URLs, causing the Frigate server to initiate HTTP requests to unintended destinations. This can be exploited to access internal network resources that are otherwise inaccessible externally, including cloud provider metadata services (e.g., AWS, Azure, GCP), internal APIs, or services protected by network segmentation. Additionally, the attacker can perform port scanning or reconnaissance of internal infrastructure by observing response behaviors. The vulnerability does not directly compromise confidentiality but can lead to information disclosure and facilitate further attacks. The flaw requires no user interaction but does require some level of privilege on the Frigate server, which may be limited to authenticated users or local network access depending on deployment. The issue was addressed in Frigate version 0.16.3 by implementing proper URL validation and restrictions on the /ffprobe endpoint. No public exploits or active exploitation campaigns have been reported to date.

The primary impact of this SSRF vulnerability is unauthorized internal network reconnaissance and information disclosure. Attackers can leverage the Frigate server as a proxy to access sensitive internal services, including cloud metadata endpoints that may expose credentials or tokens. This can lead to privilege escalation, lateral movement, or data exfiltration in complex attack chains. Organizations relying on Frigate for video surveillance may inadvertently expose critical internal infrastructure if the server is accessible to untrusted users or networks. The vulnerability could also be used to map internal network topology or identify vulnerable services for subsequent exploitation. While the direct impact on confidentiality is limited to information disclosure, the indirect consequences can be severe, especially in cloud environments or segmented networks. Availability and integrity impacts are minimal as the vulnerability does not allow direct code execution or denial of service. However, the SSRF can be a stepping stone for more damaging attacks.

To mitigate this vulnerability, organizations should upgrade Frigate installations to version 0.16.3 or later, where the SSRF flaw is patched. If immediate upgrading is not feasible, administrators should restrict access to the /ffprobe endpoint by implementing network-level controls such as firewall rules or reverse proxy restrictions to limit requests to trusted users and networks only. Additionally, deploying Web Application Firewalls (WAFs) with SSRF detection rules can help identify and block malicious requests targeting this endpoint. Monitoring logs for unusual or unexpected URL parameters in /ffprobe requests can provide early detection of exploitation attempts. Network segmentation should be enforced to minimize the exposure of sensitive internal services accessible via SSRF. Finally, cloud metadata service access should be restricted using vendor-specific controls (e.g., IMDSv2 for AWS) to reduce the risk of credential theft through SSRF.