CVE-2026-49129
Description
Music Player Daemon (MPD) before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPT_FOLLOWLOCATION is set without CURLOPT_REDIR_PROTOCOLS_STR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP server to redirect to non-HTTP protocols such as gopher, ftp, sftp, ldap, dict, rtmp, or rtsp. Attackers can trigger this vulnerability via MPD commands that initiate URL fetches, including add, readcomments, albumart, readpicture, or load, to interact with internal or restricted network services on systems running libcurl versions prior to 7.85.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
MPD before 0.24.11 has an SSRF vulnerability where libcurl's redirects bypass HTTP scheme restrictions, allowing attackers to probe internal services.
Vulnerability
Music Player Daemon (MPD) versions before 0.24.11 contain a server-side request forgery (SSRF) vulnerability in the CurlInputPlugin. The plugin configures libcurl with CURLOPT_FOLLOWLOCATION enabled but fails to set CURLOPT_REDIR_PROTOCOLS_STR, allowing an attacker-controlled HTTP server to redirect the client to non-HTTP schemes such as gopher, ftp, sftp, ldap, dict, rtmp, or rtsp on systems running libcurl prior to 7.85.0 [1][2][4].
Exploitation
An unauthenticated attacker with network access to an MPD instance issues a supported command — such as add, readcomments, albumart, readpicture, or load — with a URL pointing to a malicious HTTP server they control. The vulnerable CurlInputPlugin follows the server's HTTP redirect to a non-HTTP scheme (e.g., sftp://internal-service), bypassing the intended http/https-only restriction. No authentication or prior access to the MPD host is required [2][4].
Impact
Successful exploitation allows the attacker to probe TCP-based services on internal networks or the MPD host itself. The SSRF is partially blind: the attacker learns whether a connection succeeded and may receive a fragment of the peer's banner (e.g., the SSH version string from an sftp redirect), but full response bodies are generally not reflected. This can be used for network reconnaissance, port scanning, or interacting with internal services that may trust the MPD daemon's origin [2][4].
Mitigation
A fix was released in MPD version 0.24.11 on 2026-05-15, which requires libcurl 7.85.0 or later (where proper redirect protocol restrictions are enforced by default) [1][3]. Users should upgrade MPD to 0.24.11 and ensure the system's libcurl packages meet this minimum version. If upgrading is not immediately possible, restricting network access to the MPD TCP port (6600 by default) via a firewall and not using the affected commands against untrusted URLs can reduce exposure [2][4].
AI Insight generated on May 28, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE)
- (no CPE), version range: <0.24.11
Patches
78341dd6c7b1 lib/curl: require version 7.85.0
2 files changed · +3 −1
NEWS+2 −0 modified@@ -2,6 +2,8 @@ ver 0.24.11 (not yet released) * protocol - fix path traversal bug * playlist: do not allow newlines in song URIs +* input + - curl: require version 7.85.0 * decoder - pcm: fix stack buffer overflow
src/lib/curl/meson.build+1 −1 modified@@ -1,4 +1,4 @@ -curl_dep = dependency('libcurl', version: '>= 7.55', required: get_option('curl')) +curl_dep = dependency('libcurl', version: '>= 7.85', required: get_option('curl')) conf.set('ENABLE_CURL', curl_dep.found()) if not curl_dep.found() subdir_done()
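Review bot: the NEWS entry under `input` reads only "curl: require version 7.85.0" and gives no hint that the dependency bump is a security fix; since release notes are what packagers read when deciding whether a build requirement can be relaxed, state the reason (HTTP redirects could bypass the protocol whitelist, CVE-2026-49129) so that a downstream maintainer building against an older libcurl knows the minimum version is not optional.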
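Review bot: raising `version: '>= 7.55'` to `'>= 7.85'` in meson.build makes the redirect restriction depend entirely on libcurl's default behaviour rather than on anything MPD configures itself; the description above names CURLOPT_REDIR_PROTOCOLS_STR as the missing option, so setting it explicitly to "http,https" next to CURLOPT_FOLLOWLOCATION in the CurlInputPlugin would keep the redirect policy aligned with protocol_is_whitelisted() even where a distribution's libcurl defaults differ (the write-up notes the 7.85.0 default still permits FTP redirects).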
Vulnerability mechanics
Root cause
"Missing redirect protocol restriction in CurlInputPlugin allows SSRF via protocol whitelist bypass."
Attack vector
An unauthenticated attacker controls a malicious HTTP server that MPD's CurlInputPlugin will fetch from. The attacker triggers the vulnerability by sending MPD commands that initiate URL fetches — such as `add`, `readcomments`, `albumart`, `readpicture`, or `load` — pointing to the attacker's server. When libcurl (prior to 7.85.0) follows the server's HTTP redirect, it does not restrict the redirect target protocol, allowing the attacker to redirect to internal or restricted network services via protocols like gopher, ftp, sftp, ldap, dict, rtmp, or rtsp [patch_id=2980737].
Affected code
The vulnerability resides in the CurlInputPlugin within `src/lib/curl/`. The plugin uses `CURLOPT_FOLLOWLOCATION` to follow HTTP redirects but, prior to libcurl 7.85.0, did not restrict the redirect target protocols via `CURLOPT_REDIR_PROTOCOLS_STR`. This allows a malicious server to redirect an MPD-initiated HTTP request to non-HTTP protocols such as gopher, ftp, sftp, ldap, dict, rtmp, or rtsp, bypassing the `protocol_is_whitelisted()` check [patch_id=2980737].
What the fix does
The patch raises the minimum required libcurl version from 7.55 to 7.85.0 in `src/lib/curl/meson.build` [patch_id=2980737]. Starting with libcurl 7.85.0, `CURLOPT_FOLLOWLOCATION` automatically limits redirect target protocols to HTTP and FTP by default, which prevents redirects to Gopher and other protocols that could bypass MPD's protocol whitelist. The commit message explicitly notes that this change closes the SSRF vector by ensuring redirects can no longer circumvent `protocol_is_whitelisted()` [patch_id=2980737].
Preconditions
- config: MPD must be compiled against libcurl older than 7.85.0
- network: the attacker must control a malicious HTTP server that MPD will fetch from
- input: the attacker must be able to send MPD commands (add, readcomments, albumart, readpicture, or load) to the target MPD instance
Generated on May 28, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- [1] github.com/MusicPlayerDaemon/MPD/commit/78341dd6c7b101c3feede233d4cc4f8f1fcc4bb3
- [2] github.com/MusicPlayerDaemon/MPD/issues/2487
- [3] github.com/MusicPlayerDaemon/MPD/releases/tag/v0.24.11
- [4] mstreet97.github.io/security-research/opensource/vulnerability-disclosure/cybersecurity/cve/2026/05/25/Four_Bugs_Reachable_nc.html
- [5] raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.24.11/NEWS
- [6] www.musicpd.org/news/2026/05/mpd-0-24-11-released/
- [7] www.vulncheck.com/advisories/music-player-daemon-ssrf-via-curlinputplugin