CVE-2026-8081 | router-for-me CLIProxyAPI 6.9.29 API Interface api_tools.go url server-side request forgery

May 7, 2026 Yanac

A vulnerability was found in router-for-me CLIProxyAPI 6.9.29. It has been classified as critical. Affected by this issue is some unknown functionality of the file internal/api/handlers/management/api_tools.go of the component API Interface. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-8081. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More