제출 #633727: KodCloud KodBox v1.61 Server-Side Request Forgery정보

제목	KodCloud KodBox v1.61 Server-Side Request Forgery
설명	Description A Server-Side Request Forgery (SSRF) vulnerability exists in KodBox v1.61 in the “Download from Link” functionality under Upload Files. When an administrator enters any URL, the server sends an HTTP request to the specified address without validation or filtering. No bypass techniques are required. This vulnerability allows attackers to interact with internal and external network resources that the server can reach, exposing sensitive services and data. Reproduce 1.Log in as an administrator on KodBox v1.61. 2.Right-click inside any folder → Upload Files → Download from Link. 3.Enter a URL of a server you control (e.g., http://your-server.com) and click download. Observe the incoming request on your server. 4.Replace the URL with an internal network address such as http://127.0.0.1:22 or http://192.168.0.1:80. 5.Observe that the KodBox server successfully sends the request to the internal address without any validation. Impact Allows internal network reconnaissance and port scanning from the KodBox server. Access to sensitive internal services not exposed externally. Potential retrieval of cloud metadata (AWS/GCP/Azure) leading to credential theft. Server can be used as a proxy to bypass firewall restrictions. Exploitation can lead to full internal network compromise if sensitive services are reachable. Mitigation Implement strict allowlists for downloadable URLs. Block requests to private/internal IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). Validate and sanitize all user-provided URLs. Apply egress firewall rules to prevent unauthorized outbound traffic. Restrict or disable this feature for unnecessary high-privilege accounts.
원천	⚠️ https://gist.github.com/SysEternals/a03d45b582451f243f9c24076593c49c
사용자	AquaNight (UID 88991)
제출	2025. 08. 13. PM 04:44 (9 개월 ago)
모더레이션	2025. 08. 25. AM 11:05 (12 days later)
상태	수락
VulDB 항목	321256 [kalcaddle kodbox 1.61 Download from Link serverDownload url 권한 상승]
포인트들	20

◂ 이전 개요 다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!