216.73.216.86

CVE-2025-27600

· Published 06/03/2025 19:15 · Modified 06/03/2025 19:15

Labels: CVE-2025-27600 2025-03-06CVE-2025-27600CWE-918[email protected]

Essential information

Published
06/03/2025 19:15
Modified
06/03/2025 19:15
Author
Creator
CISA KEV
No
CWE

Description

FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intranet. This issue is fixed in 4.9.0.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References