Submission #754590: jeecgboot 3.9.0 Server-Side Request Forgery information

Title: jeecgboot 3.9.0 Server-Side Request Forgery
Description: A Server-Side Request Forgery (SSRF) vulnerability exists in the JeecgBoot framework within the /sys/common/uploadImgByHttp endpoint. The vulnerability arises from insufficient validation of user-supplied URLs in the fileUrl parameter, allowing authenticated attackers to induce the server to make HTTP requests to arbitrary domains, including sensitive internal network resources. The affected endpoint is designed to fetch remote images based on a URL provided in the JSON payload. However, the implementation lacks restrictions on the target IP address. By crafting a malicious request pointing to the loopback address (e.g., http://127.0.0.1:8000) or other private intranet IP addresses, an attacker can bypass network firewalls. The server processes the request, retrieves the response content from the internal service, and saves it as a static file, effectively returning the internal data to the attacker.
Source: https://www.yuque.com/la12138/vxbwk9/glws4ppukxqtpfhl?singleDoc
User: Saul1213 (UID 94577)
Submitted: February 9, 2026 11:05 (3 months ago)
Moderation: February 21, 2026 18:34 (12 days later)
Status: Accepted
VulDB entry: 347315 [JeecgBoot 3.9.0 uploadImgByHttp fileUrl privilege escalation]
Points: 20
