Appwrite favicon SSRF (CVE-2023-27159) - Vulnerability Database

Appwrite favicon SSRF (CVE-2023-27159)

Description

The Appwrite '/v1/avatars/favicon' endpoint contains a Server-Side Request Forgery (SSRF) vulnerability that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal or external resources. This vulnerability enables attackers to bypass network security controls and access services that should not be publicly accessible, potentially exposing sensitive internal systems and data.

Remediation

Immediately upgrade Appwrite to version 1.2.1 or later, which addresses CVE-2023-27159. If immediate patching is not possible, implement the following temporary mitigations:

1. Restrict access to the '/v1/avatars/favicon' endpoint using web application firewall (WAF) rules or reverse proxy configurations
2. Implement network-level egress filtering to prevent the Appwrite server from making outbound requests to internal IP ranges (RFC 1918 addresses: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) and localhost (127.0.0.0/8)
3. Monitor server logs for suspicious requests to the favicon endpoint, particularly those containing internal IP addresses or unusual domain names

After upgrading, verify the fix by testing that the endpoint properly validates and sanitizes URL inputs before making external requests.
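A log-review helper for mitigation step 3 above, flagging favicon requests whose target points at loopback, RFC 1918, link-local or other non-public address space. This is an added example, not Invicti's or Appwrite's code; it assumes the endpoint receives its target in a query parameter named `url` and that the server writes common-format access logs (the sample lines below are constructed).

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access log lines; not taken from any real deployment.
SAMPLE_LOG = """\
10.1.2.3 - - [01/Mar/2023:10:00:01 +0000] "GET /v1/avatars/favicon?url=https%3A%2F%2Fexample.com HTTP/1.1" 200 1234
10.1.2.3 - - [01/Mar/2023:10:00:02 +0000] "GET /v1/avatars/favicon?url=http%3A%2F%2F127.0.0.1%3A8080%2Fadmin HTTP/1.1" 200 88
10.1.2.3 - - [01/Mar/2023:10:00:03 +0000] "GET /v1/avatars/favicon?url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data HTTP/1.1" 200 40
10.1.2.3 - - [01/Mar/2023:10:00:04 +0000] "GET /v1/avatars/favicon?url=http%3A%2F%2Flocalhost%2F HTTP/1.1" 200 40
10.1.2.3 - - [01/Mar/2023:10:00:05 +0000] "GET /v1/avatars/favicon?url=http%3A%2F%2F%5B%3A%3A1%5D%2F HTTP/1.1" 200 40
10.1.2.3 - - [01/Mar/2023:10:00:06 +0000] "GET /v1/account HTTP/1.1" 200 512
"""

# Pulls the request target out of a common-format access log line.
REQUEST_RE = re.compile(r'"(?:GET|POST) (?P<path>\S+) HTTP/')

def target_is_internal(target_url: str) -> bool:
    """True when the favicon target names loopback, RFC 1918, link-local
    (including the 169.254.169.254 cloud metadata address) or any other
    non-public address. Hostnames other than 'localhost' are left alone:
    deciding those needs DNS resolution, and hex/decimal IP spellings are
    not normalised here, so treat the result as a first-pass filter."""
    host = urlsplit(target_url).hostname  # strips brackets, port and userinfo
    if not host:
        return False
    if host.lower() == "localhost" or host.lower().endswith(".localhost"):
        return True
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # a DNS name, not an IP literal
    return not addr.is_global

def find_suspicious(log_text: str) -> list:
    """Return the target URLs of every favicon request that points internally."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        parts = urlsplit(match.group("path"))
        if parts.path != "/v1/avatars/favicon":
            continue
        # parse_qs percent-decodes the parameter values for us.
        for target in parse_qs(parts.query).get("url", []):
            if target_is_internal(target):
                hits.append(target)
    return hits

if __name__ == "__main__":
    for url in find_suspicious(SAMPLE_LOG):
        print("internal favicon target:", url)
```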
