إرسال #273832: rebuild rebuild <= 3.5.5 SSRFالمعلومات

عنوانrebuild rebuild <= 3.5.5 SSRF
الوصفThere is an SSRF vulnerability in the FileDownLoader#readRawText method. Since the URL parameters are controllable, an http request is initiated to the specified url and the request result is returned. The attacker uses this vulnerability to detect intranet services and ports and read related files.
المصدر⚠️ https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5
المستخدم
 lemono (UID 59906)
ارسال27/01/2024 05:51 AM (2 سنوات منذ)
الاعتدال29/01/2024 11:47 AM (2 days later)
الحالةتمت الموافقة
إدخال VulDB252290 [Rebuild حتى 3.5.5 HTTP Request readRawText url تجاوز الصلاحيات]
النقاط17

Interested in the pricing of exploits?

See the underground prices here!