PT-2026-60102 · Anyquery · Anyquery
Published
2026-07-14
·
Updated
2026-07-15
·
CVE-2026-54628
CVSS v3.1
8.6
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Anyquery (affected versions not specified)
Description
When operating in server mode, the software does not restrict outbound HTTP requests initiated by built-in SQLite virtual table modules, such as
json reader and log reader. Unauthenticated attackers connecting via the MySQL-compatible server port can create virtual tables that point to internal network endpoints or Cloud Metadata IPs, such as http://169.254.169.254/latest/meta-data/. This enables Server-Side Request Forgery (SSRF), a technique where an attacker induces the server to make requests to an unintended location, allowing them to bypass external firewalls, scan internal ports, interact with internal APIs, or exfiltrate cloud credentials and IAM tokens.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Block remote HTTP fetches to local and private IP ranges, as well as known Cloud Metadata IP addresses, unless explicitly enabled via configuration.
SSRF
Missing Authorization
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Anyquery