提出 #633727: KodCloud KodBox v1.61 Server-Side Request Forgery情報

タイトル	KodCloud KodBox v1.61 Server-Side Request Forgery
説明	Description A Server-Side Request Forgery (SSRF) vulnerability exists in KodBox v1.61 in the “Download from Link” functionality under Upload Files. When an administrator enters any URL, the server sends an HTTP request to the specified address without validation or filtering. No bypass techniques are required. This vulnerability allows attackers to interact with internal and external network resources that the server can reach, exposing sensitive services and data. Reproduce 1.Log in as an administrator on KodBox v1.61. 2.Right-click inside any folder → Upload Files → Download from Link. 3.Enter a URL of a server you control (e.g., http://your-server.com) and click download. Observe the incoming request on your server. 4.Replace the URL with an internal network address such as http://127.0.0.1:22 or http://192.168.0.1:80. 5.Observe that the KodBox server successfully sends the request to the internal address without any validation. Impact Allows internal network reconnaissance and port scanning from the KodBox server. Access to sensitive internal services not exposed externally. Potential retrieval of cloud metadata (AWS/GCP/Azure) leading to credential theft. Server can be used as a proxy to bypass firewall restrictions. Exploitation can lead to full internal network compromise if sensitive services are reachable. Mitigation Implement strict allowlists for downloadable URLs. Block requests to private/internal IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). Validate and sanitize all user-provided URLs. Apply egress firewall rules to prevent unauthorized outbound traffic. Restrict or disable this feature for unnecessary high-privilege accounts.
ソース	⚠️ https://gist.github.com/SysEternals/a03d45b582451f243f9c24076593c49c
ユーザー	AquaNight (UID 88991)
送信	2025年08月13日 16:44 (9 月 ago)
モデレーション	2025年08月25日 11:05 (12 days later)
ステータス	承諾済み
VulDBエントリ	321256 [kalcaddle kodbox 1.61 Download from Link serverDownload url 特権昇格]
ポイント	20

◂ 前概要次 ▸

Want to know what is going to be exploited?

We predict KEV entries!