
CVE-2026-3788: Server-Side Request Forgery in Bytedesk

Severity: Medium
Published: Sun Mar 08 2026 (03/08/2026, 23:32:08 UTC)
Source: CVE Database V5
Product: Bytedesk

Description

A security vulnerability has been detected in Bytedesk up to version 1.3.9. It affects the function getModels in the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Manipulation of the argument apiUrl leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.4.5.4 fixes this issue. The patch is identified by commit 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component.

AI-Powered Analysis

Last updated: 03/09/2026, 00:07:17 UTC

Technical Analysis

CVE-2026-3788 is a server-side request forgery (SSRF) vulnerability in Bytedesk versions 1.3.0 through 1.3.9. The flaw lies in the getModels function of SpringAIOpenrouterRestService.java, within the SpringAIOpenrouterRestController component. It stems from insufficient validation or sanitization of the apiUrl parameter, which is used as the destination of a server-side HTTP request. An attacker can remotely manipulate this parameter to make the server issue arbitrary HTTP requests to internal or external systems, which can expose internal services, bypass firewall restrictions, or disclose data that is not normally reachable from outside. The vulnerability requires only low privileges (PR:L) and no user interaction (UI:N), and no authentication is needed to exploit it. The CVSS 4.0 vector records a network attack vector (AV:N), low attack complexity (AC:L), and partial impact on confidentiality, integrity, and availability (VC:L, VI:L, VA:L). The vulnerability has been publicly disclosed, but no exploitation in the wild has been observed so far. The issue is fixed in Bytedesk version 1.4.5.4 by the patch with commit 975e39e4dd527596987559f56c5f9f973f64eff7. Organizations running affected versions should upgrade promptly.

Potential Impact

The SSRF vulnerability in Bytedesk can have significant impact on organizations running affected versions. Attackers can use the flaw for internal network reconnaissance, reaching internal-only services and sensitive metadata endpoints, which can disclose confidential information such as internal APIs, cloud metadata services, or database endpoints. SSRF can also be a stepping stone to further attacks such as remote code execution or lateral movement within the network. Confidentiality, integrity, and availability are each partially affected, since attackers may manipulate requests or cause denial-of-service conditions. Because exploitation requires only low privileges and no user interaction, the attack surface is broad, especially for internet-facing Bytedesk deployments, and organizations with sensitive internal infrastructure behind Bytedesk servers are at higher risk. The medium CVSS score reflects these moderate but non-trivial risks; failure to patch could expose organizations to data breaches and operational disruption.

Mitigation Recommendations

To mitigate CVE-2026-3788, organizations should upgrade Bytedesk to version 1.4.5.4 or later, which contains the official patch. Beyond upgrading, administrators should enforce strict validation of any parameter that influences server-side requests, in particular apiUrl and similar inputs, preferably against an allowlist of permitted upstream hosts. Network segmentation should restrict the Bytedesk server's egress to only the internal services it genuinely needs, limiting what an SSRF can reach. Deploy web application firewalls (WAFs) with rules that detect and block common SSRF patterns, and monitor logs for unusual outbound requests originating from Bytedesk servers. Apply least-privilege principles to Bytedesk service accounts to minimize potential damage. If upgrading is delayed, consider temporary measures such as disabling the affected feature or restricting outbound HTTP requests from the Bytedesk server at the network layer. Regularly review and audit third-party components for vulnerabilities and maintain an up-to-date patch management process.
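One way to implement the allowlist-style validation recommended above for a caller-supplied upstream URL, as an added example that is not Bytedesk's code and not the referenced patch. It assumes the only legitimate upstream for this service is the OpenRouter API host, and that the HTTP client pins the address checked here when it issues the request (otherwise a DNS rebinding between check and use can still reach an internal host).

```java
import java.net.InetAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.util.Set;

/** Allowlist validation for an attacker-influenced apiUrl (illustrative hardening, not the project's own code). */
public final class UpstreamUrlValidator {

    // Assumption: the only legitimate upstream for this service is the OpenRouter API host.
    private static final Set<String> ALLOWED_HOSTS = Set.of("openrouter.ai");

    private UpstreamUrlValidator() {}

    /** Returns the normalised URI, or throws if the input could reach anything outside the allowlist. */
    public static URI validate(String apiUrl) {
        final URI uri;
        try {
            uri = new URI(apiUrl).normalize();
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("apiUrl is not a valid URI", e);
        }
        if (!"https".equalsIgnoreCase(uri.getScheme())) {
            throw new IllegalArgumentException("apiUrl must use https");
        }
        if (uri.getUserInfo() != null) {           // rejects "https://openrouter.ai@attacker.example/" style confusion
            throw new IllegalArgumentException("userinfo is not allowed in apiUrl");
        }
        String host = uri.getHost();               // null for malformed authorities; IP literals are not on the allowlist
        if (host == null || !ALLOWED_HOSTS.contains(host.toLowerCase())) {
            throw new IllegalArgumentException("apiUrl host is not on the allowlist");
        }
        // Defence in depth: even an allowlisted name must not resolve to loopback, RFC 1918,
        // link-local (cloud metadata lives at 169.254.169.254), unspecified, or IPv6 ULA space.
        try {
            for (InetAddress addr : InetAddress.getAllByName(host)) {
                if (addr.isLoopbackAddress() || addr.isSiteLocalAddress() || addr.isLinkLocalAddress()
                        || addr.isAnyLocalAddress() || isUniqueLocalIpv6(addr)) {
                    throw new IllegalArgumentException("apiUrl resolves to a non-public address");
                }
            }
        } catch (UnknownHostException e) {
            throw new IllegalArgumentException("apiUrl host does not resolve", e);
        }
        return uri;
    }

    // isSiteLocalAddress() covers RFC 1918 and the deprecated fec0::/10 only; fc00::/7 (ULA) is checked by hand.
    private static boolean isUniqueLocalIpv6(InetAddress addr) {
        byte[] b = addr.getAddress();
        return b.length == 16 && (b[0] & 0xfe) == 0xfc;
    }
}
```

Wire `validate` in front of whatever builds the outbound request, and treat any exception as a rejected input rather than falling back to the raw string.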


Technical Details

Data Version: 5.2
Assigner Short Name: VulDB
Date Reserved: 2026-03-08T07:20:23.877Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 69ae0bcb2904315ca302ed58

Added to database: 3/8/2026, 11:52:43 PM

Last enriched: 3/9/2026, 12:07:17 AM

Last updated: 3/14/2026, 2:28:39 AM
