Lucene search
Michaellrowley31649903-C19C-4DAE-AEE0-A04B095855C5HistoryMar 09, 2022 - 7:06 p.m.
Server-Side Request Forgery (SSRF)
2022-03-0919:06:05
michaellrowley
www.huntr.dev
61
server-side request forgery
cve-2022-0767
cve-2022-0766
aws metadata address
internal endpoints
network vulnerability
bug bounty
EPSS
0.002
Percentile
57.1%
Description
The fix(es) for CVE-2022-0767 & CVE-2022-0766 only address loopback/localhost IP addresses, this is an issue as other internal endpoints may be accessible to an attacker (one of the most popular examples is 169.254.169.254 which is the AWS metadata address)
Proof of Concept
The same as either of the previous reports except the IP address being used should be an internal (but not local/loopback) address (e.g., the aforementioned 169.254.169.254.
Impact
This vulnerability is capable of allowing attackers to interact with devices (or applications) running on the same network as the targeted server.
Related
huntr
huntr
Server-Side Request Forgery (SSRF)
2022-02-21 17:48:42
Server-Side Request Forgery (SSRF)
2022-02-25 05:02:10
Server-Side Request Forgery (SSRF)
2022-03-06 18:51:45
prion
prion
Server side request forgery (ssrf)
2022-03-07 07:15:00
Server side request forgery (ssrf)
2022-04-04 18:15:00
Server side request forgery (ssrf)
2022-03-07 07:15:00
cvelist
cvelist
CVE-2022-0990 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
2022-04-04 17:50:17
CVE-2022-0766 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
2022-03-07 07:05:19
CVE-2022-0767 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
2022-03-07 07:05:11
nvd
nvd
osv
osv
veracode
veracode
Server-Side Request Forgery (SSRF)
2022-04-05 10:30:02
Server-Side Request Forgery (SSRF)
2022-03-09 07:45:10
cve
cve
github
github
Server-Side Request Forgery in calibreweb
2022-03-08 00:00:31
Server-Side Request Forgery in calibreweb
2022-03-08 00:00:31