CVE-2016-7964 in DokuWiki정보

요약

\~에 의해 MITRE

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and 192.168.0.0/16.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2016. 09. 09.

공개

2016. 10. 31.

모더레이션

수락

항목

VDB-93194

CPE

준비됨

CWE

CWE-918 (확인됨)

CVSS

8.6 (NVD)

EPSS

0.00329

KEV

아니요

활동

매우 낮음

부문

Agriculture, Hostingprovider, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7964
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7964
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7964/

◂ 이전 개요 다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!