PT-2025-16277 · Autogpt · Autogpt

Megamansec · Published 2025-04-14 · Updated 2025-08-05 · CVE-2025-31490

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: AutoGPT versions prior to 0.6.1

Description: The issue is a Server-Side Request Forgery (SSRF) vulnerability in AutoGPT caused by DNS Rebinding in the requests wrapper. It allows an attacker to bypass validation of the requested hostname, potentially leading to unauthorized access to local resources. The root cause is insufficient validation of the hostname: at validation time the name may resolve to a non-blocked address, but by the time the request is actually made it can resolve to an address in a blocked range. This type of attack is known as a "DNS Rebinding Attack".

Recommendations: To resolve the issue, update to AutoGPT version 0.6.1 or later. As a temporary workaround, consider restricting access to the validate_url() function and the request() function in the autogpt_platform/backend/backend/util/request.py file to minimize the risk of exploitation. Additionally, ensure that the DNS server is properly configured to prevent DNS Rebinding attacks.
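As an added illustration of the mitigation pattern for this class of bug (example code written here, not AutoGPT's own wrapper or the patched request.py): the hostname is resolved once, every returned address is checked against blocked ranges, and the request is then issued to that pinned literal address with the original name carried in the Host header, so the HTTP client never performs the second lookup that a rebinding attack relies on. The injectable `resolver` parameter and the `BLOCKED_NETWORKS` list are assumptions chosen for this example.

```python
import ipaddress
import socket
from typing import Callable, Dict, List, Tuple
from urllib.parse import urlparse, urlunparse

# Assumed deny-list: loopback, private, link-local (incl. cloud metadata), CGNAT.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10",
    "::1/128", "fc00::/7", "fe80::/10",
)]

def default_resolver(host: str) -> List[str]:
    # Every address the name currently maps to (A and AAAA), looked up once.
    return sorted({i[4][0] for i in socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)})

def is_blocked(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    # An IPv4-mapped IPv6 literal (::ffff:127.0.0.1) is judged by its v4 part.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)

def pin_url(url: str, resolver: Callable[[str], List[str]] = default_resolver
            ) -> Tuple[str, Dict[str, str]]:
    """Resolve once, check every address, return (pinned_url, headers).
    The request goes to a literal address with the original name in Host,
    so the client never does the second lookup a rebinding attack needs.
    Re-apply this to every redirect target."""
    parts = urlparse(url)
    host = parts.hostname
    if parts.scheme not in ("http", "https") or not host:
        raise ValueError(f"unsupported URL: {url!r}")
    try:
        ips = [str(ipaddress.ip_address(host))]   # literal address, no lookup
    except ValueError:
        ips = resolver(host)
    if not ips:
        raise ValueError(f"{host!r} did not resolve")
    for ip in ips:                                # reject if ANY address is bad
        if is_blocked(ip):
            raise ValueError(f"{host!r} resolves to blocked address {ip}")
    pinned = ips[0]
    netloc = f"[{pinned}]" if ":" in pinned else pinned
    host_header = host
    if parts.port:
        netloc += f":{parts.port}"
        host_header += f":{parts.port}"
    return urlunparse(parts._replace(netloc=netloc)), {"Host": host_header}
```

For https the client must still present and verify the original hostname (SNI and certificate), so the pin has to be applied at the transport level (a custom connection adapter) rather than by rewriting the URL as shown here for http.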

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2025-31490
GHSA-WVJG-9879-3M7W

Affected Products

Autogpt