| Название | Psi Probe <=5.3.0 Server-Side Request Forgery |
|---|
| Описание | Psi Probe contains a server-side request forgery (SSRF) vulnerability in the whois functionality. The application automatically connects to arbitrary servers specified in whois ReferralServer responses without validation, allowing authenticated attackers to scan internal networks, access internal services, and bypass firewall restrictions.
|
|---|
| Источник | ⚠️ https://github.com/AnalogyC0de/public_exp/issues/12 |
|---|
| Пользователь | Ana10gy (UID 93358) |
|---|
| Представление | 15.02.2026 04:38 (2 месяцы назад) |
|---|
| Модерация | 26.02.2026 16:13 (11 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 347994 [psi-probe PSI Probe до 5.3.0 Whois Whois.java lookup эскалация привилегий] |
|---|
| Баллы | 18 |
|---|