CVE-2026-3789 is a server-side request forgery vulnerability identified in Bytedesk, specifically affecting versions 1.3.0 through 1.3.9. The vulnerability resides in the getModels function of the SpringAIGiteeRestService.java source file, part of the SpringAIGiteeRestController component. The issue arises from insufficient validation of the apiUrl argument, which an attacker can manipulate to coerce the server into making arbitrary HTTP requests. This can allow attackers to access internal resources, bypass network restrictions, or retrieve sensitive information from internal services not normally exposed externally. The vulnerability is remotely exploitable without requiring authentication or user interaction, increasing its risk profile. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P) reflects network attack vector, low attack complexity, no authentication needed, and partial impacts on confidentiality, integrity, and availability. The vulnerability was publicly disclosed on March 8, 2026, and a patch is available in Bytedesk version 1.4.5.4, identified by commit 975e39e4dd527596987559f56c5f9f973f64eff7. While no active exploitation has been reported, the availability of a public exploit increases the urgency for remediation.

The SSRF vulnerability in Bytedesk can have significant impacts on organizations deploying affected versions. Attackers can leverage this flaw to make unauthorized requests from the vulnerable server, potentially accessing internal network resources that are otherwise protected by firewalls or network segmentation. This can lead to unauthorized disclosure of sensitive internal data, reconnaissance of internal infrastructure, or pivoting to further internal attacks. Additionally, depending on the internal services accessible, attackers might exploit other vulnerabilities or cause denial of service. The medium CVSS score reflects partial impacts on confidentiality, integrity, and availability, but the lack of required authentication and user interaction increases the risk. Organizations running Bytedesk in sensitive environments or with access to critical internal systems are at higher risk. The presence of a public exploit increases the likelihood of attempted attacks, especially by opportunistic threat actors.

To mitigate this vulnerability, organizations should immediately upgrade Bytedesk to version 1.4.5.4 or later, which contains the official patch addressing the SSRF issue. If immediate upgrade is not feasible, implement network-level controls to restrict outbound HTTP requests from the Bytedesk server to only trusted destinations, minimizing the potential for SSRF exploitation. Employ web application firewalls (WAFs) with rules designed to detect and block SSRF attack patterns targeting the apiUrl parameter. Conduct thorough code reviews and input validation enhancements to ensure that user-supplied URLs are strictly validated against an allowlist of trusted domains or IP ranges. Monitor logs for unusual outbound requests or access patterns indicative of SSRF attempts. Additionally, segment internal networks to limit the impact of potential SSRF exploitation and restrict access to sensitive internal services. Maintain up-to-date threat intelligence to detect emerging exploit attempts targeting this vulnerability.