PT-2025-43407 · Fastgpt · Fastgpt

0Gur1 · Published 2025-10-22 · Updated 2025-12-29 · CVE-2025-62612

CVSS v4.0: 6.9 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: FastGPT versions prior to 4.11.1

Description: FastGPT is a platform for building AI Agents. Versions of FastGPT before 4.11.1 contain a Server-Side Request Forgery (SSRF) issue in the workflow file reading node. The system does not verify the security of network links, which could allow for SSRF attacks.

Recommendations: Update to version 4.11.1 or later.

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2025-62612
GHSA-573G-3567-8PHG

Affected Products

Fastgpt