| Titre | Psi Probe <=5.3.0 Server-Side Request Forgery |
|---|
| Description | Psi Probe contains a server-side request forgery (SSRF) vulnerability in the whois functionality. The application automatically connects to arbitrary servers specified in whois ReferralServer responses without validation, allowing authenticated attackers to scan internal networks, access internal services, and bypass firewall restrictions.
|
|---|
| La source | ⚠️ https://github.com/AnalogyC0de/public_exp/issues/12 |
|---|
| Utilisateur | Ana10gy (UID 93358) |
|---|
| Soumission | 15/02/2026 04:38 (il y a 2 mois) |
|---|
| Modérer | 26/02/2026 16:13 (11 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 347994 [psi-probe PSI Probe jusqu’à 5.3.0 Whois Whois.java lookup élévation de privilèges] |
|---|
| Points | 18 |
|---|