| Название | QingdaoU OnlineJudge <=v1.6.1 Stored SSRF |
|---|
| Описание | A stored Server-Side Request Forgery (SSRF) vulnerability exists in the Judge Server dispatcher of QingdaoU OnlineJudge. An attacker with access to a judge server token can submit a malicious service_url via the /api/admin/judge_server_heartbeat endpoint, which is then stored in the database. When the application subsequently processes judge tasks, it uses this unvalidated URL to construct and send internal HTTP requests. This allows the attacker to force the server to make arbitrary requests to internal network resources, potentially leading to metadata exfiltration, internal network scanning, or remote code execution.
|
|---|
| Источник | ⚠️ https://github.com/AnalogyC0de/public_exp/issues/27 |
|---|
| Пользователь | Ana10gy (UID 93358) |
|---|
| Представление | 18.03.2026 10:10 (20 дни назад) |
|---|
| Модерация | 04.04.2026 08:44 (17 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 355291 [QingdaoU OnlineJudge до 1.6.1 judge_server_heartbeat Endpoint JudgeServer.service_url эскалация привилегий] |
|---|
| Баллы | 20 |
|---|