6. SSRF via Tool Endpoints
If tools allow arbitrary URL input, attackers can trigger Server-Side Request Forgery to internal services.
Example:
"target_url": "http://localhost:2375/docker/info"
Mitigation:
- Block internal IP ranges
- Enforce URL allowlists