External risk intelligence

Appsmith Caddy API Takesover via SSRF

CVE advisorySeverity: CRITICAL (CVSS 9.9)

CVE-2026-55454

The vulnerable Caddy admin API is bound to localhost inside the container and is not exposed to the host by default. It requires an existing low-privileged authenticated user to leverage a secondary SSRF vulnerability to reach the internal service, making direct public-internet exploitation unlikely.

Server-Side Request Forgery

Appsmith

before 2.1

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This advisory concerns a critical security vulnerability in the Appsmith platform, which is used for building internal tools and dashboards. The vulnerability, if exploited, could allow an authenticated user to gain full control over the platform's reverse proxy, potentially impacting its availability and integrity. The main concern is confirming the relevance and exposure of this platform within the organization.

  • Unauthenticated admin access to a proxy.
  • Allows takeover of internal tool infrastructure.
  • Confirm if Appsmith is deployed and relevant.

Attack Path

How an attacker could exploit the issue

An attacker with low-privileged access to the Appsmith platform can exploit a Server-Side Request Forgery (SSRF) vulnerability. This SSRF allows the attacker to send requests to the platform's internal Caddy reverse-proxy, which is not protected by authentication by default. By manipulating Caddy's configuration, the attacker can then fully control the reverse proxy, potentially leading to a complete takeover.

  • Entry: Authenticated low-privileged user.
  • Trigger: Server-Side Request Forgery.
  • Risk: Full reverse proxy takeover.

Live Threat

Current exploitation, exposure, and threat context

The Caddy reverse-proxy's admin API, when accessible internally by the Appsmith server process or via a Server-Side Request Forgery (SSRF) vulnerability, could allow an authenticated, low-privileged user to alter the proxy's configuration. This could lead to full control over the reverse proxy.

  • Reverse proxy configuration.
  • Via SSRF or internal access.
  • Control of reverse proxy.

Operational Fix

Recommended remediation, mitigation, and detection steps

The Appsmith platform's bundled Caddy reverse-proxy is affected by a vulnerability allowing authenticated users to take over the reverse proxy. Platform or infrastructure teams managing Appsmith deployments are likely responsible for remediation. The first practical step involves identifying all Appsmith instances, confirming their reachability and business criticality, and then planning remediation based on identified risk.

  • Platform or infrastructure teams own the issue.
  • Verify Appsmith instance reachability and business criticality.
  • Plan remediation and coordinate with the Appsmith vendor.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is Appsmith?

Appsmith is a development platform designed for teams to build internal business tools, custom admin panels, and operational dashboards. It simplifies the process of connecting data sources and creating user interfaces. To facilitate web traffic management and security, it includes a bundled Caddy reverse-proxy that handles incoming requests before they reach the main application.

What kind of vulnerability is CVE-2026-55454?

This CVE involves a weakness classified as CWE-749 (Unsafe Exposure of Dangerous API) and CWE-1188 (Insecure Default Initialization of Resource). The core issue is that the Caddy reverse-proxy's administrative API is active by default without authentication. Because this control interface is left open, it allows any entity that can reach it to issue commands that completely reconfigure how the proxy behaves.

How can this vulnerability be triggered?

An attacker needs existing low-privileged access to the Appsmith platform to initiate an attack. The bug is triggered when an attacker uses Server-Side Request Forgery (SSRF) to send unauthorized commands to the Caddy admin API. Importantly, direct external access to this API is not possible because it is bound to the container's internal network; the vulnerability does not trigger if there is no SSRF vector available for an attacker to leverage.

Is my instance reachable based on Halo Surface Signal?

Halo Surface Signal indicates that direct exploitation of this CVE is unlikely for most deployments because the Caddy admin API is bound to localhost inside the container and is not exposed to the host by default. The risk primarily arises if your environment contains a secondary vulnerability, like SSRF, that an attacker could chain to reach the internal proxy interface.

What is the first step to address this issue?

The most practical first step is to inventory all Appsmith instances within your environment to identify where this technology is deployed. Once identified, confirm whether your specific installation uses a version earlier than 2.1, which is where the fix is implemented. Coordinate with your infrastructure teams to prioritize updating to the patched version, as this is the primary way to secure the Caddy reverse-proxy configuration.

References