Submit #633727: KodCloud KodBox v1.61 Server-Side Request Forgeryinfo

TitelKodCloud KodBox v1.61 Server-Side Request Forgery
BeschreibungDescription A Server-Side Request Forgery (SSRF) vulnerability exists in KodBox v1.61 in the “Download from Link” functionality under Upload Files. When an administrator enters any URL, the server sends an HTTP request to the specified address without validation or filtering. No bypass techniques are required. This vulnerability allows attackers to interact with internal and external network resources that the server can reach, exposing sensitive services and data. Reproduce 1.Log in as an administrator on KodBox v1.61. 2.Right-click inside any folder → Upload Files → Download from Link. 3.Enter a URL of a server you control (e.g., http://your-server.com) and click download. Observe the incoming request on your server. 4.Replace the URL with an internal network address such as http://127.0.0.1:22 or http://192.168.0.1:80. 5.Observe that the KodBox server successfully sends the request to the internal address without any validation. Impact Allows internal network reconnaissance and port scanning from the KodBox server. Access to sensitive internal services not exposed externally. Potential retrieval of cloud metadata (AWS/GCP/Azure) leading to credential theft. Server can be used as a proxy to bypass firewall restrictions. Exploitation can lead to full internal network compromise if sensitive services are reachable. Mitigation Implement strict allowlists for downloadable URLs. Block requests to private/internal IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). Validate and sanitize all user-provided URLs. Apply egress firewall rules to prevent unauthorized outbound traffic. Restrict or disable this feature for unnecessary high-privilege accounts.
Quelle⚠️ https://gist.github.com/SysEternals/a03d45b582451f243f9c24076593c49c
Benutzer
 AquaNight (UID 88991)
Einreichung13.08.2025 16:44 (vor 9 Monaten)
Moderieren25.08.2025 11:05 (12 days later)
StatusAkzeptiert
VulDB Eintrag321256 [kalcaddle kodbox 1.61 Download from Link serverDownload url erweiterte Rechte]
Punkte20

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!