| शीर्षक | https://github.com/crmeb/crmeb_java crmeb_java v1.4 Server -Side Request Forgery |
|---|
| विवरण | SSRF in CRMEB-Java v1.4 via /api/front/qrcode/base64
A Server-Side Request Forgery (SSRF) vulnerability exists in CRMEB-Java v1.4 within the /api/front/qrcode/base64 endpoint. Due to a misconfiguration in the authentication interceptor (WebConfig), this specific path is whitelisted, allowing remote attackers to access it without any credentials. The endpoint accepts a url parameter and passes it directly to RestTemplate.getForEntity() without proper validation. Attackers can exploit this flaw to force the server into initiating arbitrary HTTP requests, enabling internal network probing (e.g., MySQL, Redis), port scanning, or cloud metadata extraction. |
|---|
| स्रोत | ⚠️ https://github.com/crmeb/crmeb_java/issues/35 |
|---|
| उपयोगकर्ता | mukyuuhate (UID 93052) |
|---|
| सबमिशन | 16/05/2026 06:48 AM (22 दिन पहले) |
|---|
| संयम | 03/06/2026 05:42 PM (18 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 368137 [crmeb crmeb_java 1.4 base64 Qrcode Endpoint RestTemplateUtil.java RestTemplate.getForEntity url अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|