GHSA-rjg7-r26h-cfp2: Koel: Full-read SSRF via podcast enclosure URL: isPublicHost() filter_var guard does not reject NAT64 (64:ff9b::/96) or 6to4 (2002::/16) IPv6-transition wrappers of internal IPv4
Koel versions prior to 9.7.1 contain a server-side request forgery (SSRF) vulnerability due to improper IP address validation in the isPublicHost() function. The function fails to recognize IPv6 transition addresses (NAT64 and 6to4) that embed private IPv4 addresses, allowing attackers to bypass the public IP check. An attacker can craft a podcast RSS feed with an enclosure URL resolving to such an IPv6 address, causing Koel to fetch internal network resources or cloud metadata endpoints and return the response to the attacker. This leads to full-read SSRF with disclosure of internal service data.
AI Analysis
Technical Summary
Koel's isPublicHost() function uses PHP's filter_var() with FILTER_FLAG_NO_PRIV_RANGE and FILTER_FLAG_NO_RES_RANGE to determine if an IP address is public. However, this method does not detect IPv6 transition addresses such as NAT64 (64:ff9b::/96) and 6to4 (2002::/16), which embed private IPv4 addresses. As a result, Koel incorrectly treats these addresses as public and allows outbound HTTP requests to them. Since podcast enclosure URLs are user-controllable and Koel fetches these URLs to stream episodes, an attacker can supply a URL resolving to a NAT64 or 6to4 address that maps to internal IPs or cloud metadata services. This causes Koel to perform SSRF with full response disclosure, bypassing the only SSRF defense in place. The vulnerability affects Koel versions before 9.7.1.
Potential Impact
An attacker can exploit this vulnerability to perform server-side request forgery that reads data from internal network services or cloud instance metadata endpoints. This can lead to disclosure of sensitive internal information that is not normally accessible externally. The SSRF allows full reading of the response body from the targeted internal resource, potentially exposing confidential data or credentials.
Mitigation Recommendations
A fix is available in Koel version 9.7.1 that addresses this issue. Users should upgrade to version 9.7.1 or later to mitigate this vulnerability. Until patched, users should be aware that the existing IP validation does not block IPv6 transition addresses embedding private IPv4 addresses, and should avoid subscribing to untrusted podcast feeds. Patch status is confirmed by the affectedVersions field indicating versions <9.7.1 are vulnerable.
GHSA-rjg7-r26h-cfp2: Koel: Full-read SSRF via podcast enclosure URL: isPublicHost() filter_var guard does not reject NAT64 (64:ff9b::/96) or 6to4 (2002::/16) IPv6-transition wrappers of internal IPv4
Description
Koel versions prior to 9.7.1 contain a server-side request forgery (SSRF) vulnerability due to improper IP address validation in the isPublicHost() function. The function fails to recognize IPv6 transition addresses (NAT64 and 6to4) that embed private IPv4 addresses, allowing attackers to bypass the public IP check. An attacker can craft a podcast RSS feed with an enclosure URL resolving to such an IPv6 address, causing Koel to fetch internal network resources or cloud metadata endpoints and return the response to the attacker. This leads to full-read SSRF with disclosure of internal service data.
CVSS v4.0
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Koel's isPublicHost() function uses PHP's filter_var() with FILTER_FLAG_NO_PRIV_RANGE and FILTER_FLAG_NO_RES_RANGE to determine if an IP address is public. However, this method does not detect IPv6 transition addresses such as NAT64 (64:ff9b::/96) and 6to4 (2002::/16), which embed private IPv4 addresses. As a result, Koel incorrectly treats these addresses as public and allows outbound HTTP requests to them. Since podcast enclosure URLs are user-controllable and Koel fetches these URLs to stream episodes, an attacker can supply a URL resolving to a NAT64 or 6to4 address that maps to internal IPs or cloud metadata services. This causes Koel to perform SSRF with full response disclosure, bypassing the only SSRF defense in place. The vulnerability affects Koel versions before 9.7.1.
Potential Impact
An attacker can exploit this vulnerability to perform server-side request forgery that reads data from internal network services or cloud instance metadata endpoints. This can lead to disclosure of sensitive internal information that is not normally accessible externally. The SSRF allows full reading of the response body from the targeted internal resource, potentially exposing confidential data or credentials.
Mitigation Recommendations
A fix is available in Koel version 9.7.1 that addresses this issue. Users should upgrade to version 9.7.1 or later to mitigate this vulnerability. Until patched, users should be aware that the existing IP validation does not block IPv6 transition addresses embedding private IPv4 addresses, and should avoid subscribing to untrusted podcast feeds. Patch status is confirmed by the affectedVersions field indicating versions <9.7.1 are vulnerable.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- GHSA-rjg7-r26h-cfp2
- Osv Schema Version
- 1.4.0
- Aliases
- ["CVE-2026-54494"]
- Ecosystems
- ["Packagist"]
- Database Specific Severity
- MODERATE
- Cvss Version
- 4.0
Threat ID: 6a58b44a68715ace43d6b300
Added to database: 07/16/2026, 10:36:58 UTC
Last enriched: 07/16/2026, 11:24:41 UTC
Last updated: 07/17/2026, 02:01:00 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.