TypeBot.io versions before 3.17.2 implement SSRF validation by resolving a hostname once and checking if the resolved IP is in a forbidden range. However, the actual outbound request performs a fresh DNS resolution without pinning the IP to the validated address, creating a TOCTOU gap. An attacker can exploit this by supplying a URL that passes initial validation but resolves to internal or metadata IPs at request time via DNS rebinding. This enables unauthorized server-side access to internal HTTP services, cloud metadata endpoints, and potentially sensitive internal resources. The vulnerability is identified as CWE-918 and has a CVSS 3.1 score of 8.2 (high severity). It is fixed in version 3.17.2.

Successful exploitation allows an attacker to bypass SSRF protections and make the server perform HTTP requests to internal network services or cloud metadata endpoints. This can lead to disclosure of sensitive metadata, access to internal admin panels, credential theft, and further internal compromise. The impact depends on the internal services accessible from the server but includes high confidentiality risk and potential privilege escalation.

Upgrade TypeBot to version 3.17.2 or later, where this SSRF vulnerability is fixed. Patch status is not explicitly stated beyond the fix in 3.17.2, so applying this update is the recommended remediation. No vendor advisory content is provided to indicate alternative mitigations or temporary fixes.