Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-0870

Summary
Assigner-@huntrdev
Assigner Org ID-c09c270a-b464-47c1-9133-acb35b22c19a
Published At-11 Mar, 2022 | 10:40
Updated At-02 Aug, 2024 | 23:40
Rejected At-
Credits

Server-Side Request Forgery (SSRF) in gogs/gogs

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:@huntrdev
Assigner Org ID:c09c270a-b464-47c1-9133-acb35b22c19a
Published At:11 Mar, 2022 | 10:40
Updated At:02 Aug, 2024 | 23:40
Rejected At:
▼CVE Numbering Authority (CNA)
Server-Side Request Forgery (SSRF) in gogs/gogs

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.

Affected Products
Vendor
gogs
Product
gogs/gogs
Versions
Affected
  • From unspecified before 0.12.5 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-918CWE-918 Server-Side Request Forgery (SSRF)
Type: CWE
CWE ID: CWE-918
Description: CWE-918 Server-Side Request Forgery (SSRF)
Metrics
VersionBase scoreBase severityVector
3.05.0MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Version: 3.0
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531
x_refsource_CONFIRM
https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb
x_refsource_MISC
Hyperlink: https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531
x_refsource_CONFIRM
x_transferred
https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb
x_refsource_MISC
x_transferred
Hyperlink: https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@huntr.dev
Published At:11 Mar, 2022 | 11:15
Updated At:22 Mar, 2022 | 13:35

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Secondary3.05.0MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Type: Secondary
Version: 3.0
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
gogs
gogs
>>gogs>>Versions before 0.12.5(exclusive)
cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-918Primarynvd@nist.gov
CWE-918Secondarysecurity@huntr.dev
CWE ID: CWE-918
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-918
Type: Secondary
Source: security@huntr.dev
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabbsecurity@huntr.dev
Patch
Third Party Advisory
https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531security@huntr.dev
Exploit
Issue Tracking
Patch
Third Party Advisory
Hyperlink: https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb
Source: security@huntr.dev
Resource:
Patch
Third Party Advisory
Hyperlink: https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531
Source: security@huntr.dev
Resource:
Exploit
Issue Tracking
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

197Records found
CVE-2018-7055
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 10:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the url parameter.

Action-Not Available
Vendor-steelcasen/a
Product-roomwizard_firmwareroomwizardn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-6029
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.75%
||
7 Day CHG~0.00%
Published-23 Jan, 2018 | 06:00
Updated-05 Aug, 2024 | 05:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The copy function in application/admin/controller/Article.php in NoneCms 1.3.0 allows remote attackers to access the content of internal and external network resources via Server Side Request Forgery (SSRF), because URL validation only considers whether the URL contains the "csdn" substring.

Action-Not Available
Vendor-5nonen/a
Product-nonecmsn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-5004
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.17%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-experience_managerAdobe Experience Manager AEM 6.2 and AEM 6.3
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-5006
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-3.17% / 86.43%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-experience_managerAdobe Experience Manager AEM 6.4 and earlier
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-2463
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-8.6||HIGH
EPSS-0.31% / 53.76%
||
7 Day CHG~0.00%
Published-11 Sep, 2018 | 15:00
Updated-05 Aug, 2024 | 04:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.

Action-Not Available
Vendor-SAP SE
Product-hybrisSAP Hybris Commerce
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-2370
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-5.3||MEDIUM
EPSS-0.21% / 43.66%
||
7 Day CHG~0.00%
Published-14 Feb, 2018 | 12:00
Updated-05 Aug, 2024 | 04:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Server Side Request Forgery (SSRF) vulnerability in SAP Central Management Console, BI Launchpad and Fiori BI Launchpad, 4.10, from 4.20, from 4.30, could allow a malicious user to use common techniques to determine which ports are in use on the backend server.

Action-Not Available
Vendor-SAP SE
Product-bi_launchpadSAP BI Launchpad
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-2339
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.1||CRITICAL
EPSS-0.72% / 71.55%
||
7 Day CHG~0.00%
Published-07 Jul, 2022 | 03:15
Updated-26 Aug, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-Side Request Forgery (SSRF) in nocodb/nocodb

With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read it's contents. This attack can lead to leak of sensitive information.

Action-Not Available
Vendor-nocodbnocodb
Product-nocodbnocodb/nocodb
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-18569
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.6||HIGH
EPSS-0.46% / 63.21%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 21:00
Updated-05 Aug, 2024 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Dundas BI server before 5.0.1.1010 is vulnerable to a Server-Side Request Forgery attack, allowing an attacker to forge arbitrary requests (with certain restrictions) that will be executed on behalf of the attacker, via the viewUrl parameter of the "export the dashboard as an image" feature. This could be leveraged to provide a proxy to attack other servers (internal or external) or to perform network scans of external or internal networks.

Action-Not Available
Vendor-dundasn/a
Product-dundas_bin/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-18867
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.6||HIGH
EPSS-0.37% / 58.11%
||
7 Day CHG~0.00%
Published-31 Oct, 2018 | 05:00
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An SSRF issue was discovered in tecrail Responsive FileManager 9.13.4 via the upload.php url parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-15495.

Action-Not Available
Vendor-tecrailn/a
Product-responsive_filemanagern/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-1220
Matching Score-4
Assigner-PHP Group
ShareView Details
Matching Score-4
Assigner-PHP Group
CVSS Score-3.7||LOW
EPSS-0.07% / 21.25%
||
7 Day CHG+0.01%
Published-13 Jul, 2025 | 22:18
Updated-22 Jul, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null byte termination in hostnames

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.

Action-Not Available
Vendor-The PHP Group
Product-phpPHP
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-15895
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.11%
||
7 Day CHG~0.00%
Published-27 Aug, 2018 | 04:00
Updated-05 Aug, 2024 | 10:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because the remote function in app/spider/spider_tools.class.php does not block DNS hostnames associated with private and reserved IP addresses, as demonstrated by 127.0.0.1 in an A record. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-14858.

Action-Not Available
Vendor-icmsdevn/a
Product-icmsn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-1711
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-26.19% / 96.09%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 12:40
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-Side Request Forgery (SSRF) in jgraph/drawio

Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5.

Action-Not Available
Vendor-diagramsjgraph
Product-drawiojgraph/drawio
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-1713
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-88.78% / 99.49%
||
7 Day CHG~0.00%
Published-16 May, 2022 | 14:31
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SSRF on /proxy in jgraph/drawio

SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.

Action-Not Available
Vendor-diagramsjgraph
Product-drawiojgraph/drawio
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-14858
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.11%
||
7 Day CHG~0.00%
Published-02 Aug, 2018 | 20:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An SSRF vulnerability was discovered in idreamsoft iCMS before V7.0.11 because the remote function in app/spider/spider_tools.class.php does not block private and reserved IP addresses such as 10.0.0.0/8. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-14514.

Action-Not Available
Vendor-icmsdevn/a
Product-icmsn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-12809
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.00% / 82.93%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-experience_managerAdobe Experience Manager AEM 6.4 and earlier
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-0528
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 50.70%
||
7 Day CHG+0.01%
Published-03 Mar, 2022 | 07:00
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-Side Request Forgery (SSRF) in transloadit/uppy

Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.

Action-Not Available
Vendor-transloadittransloadit
Product-uppytransloadit/uppy
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-45851
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.88% / 74.36%
||
7 Day CHG~0.00%
Published-16 Mar, 2022 | 09:51
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server's internal environment and services, often potentially leading to the attacker executing commands on the server.

Action-Not Available
Vendor-frangoteamn/a
Product-fuxan/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-46107
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-62.76% / 98.31%
||
7 Day CHG~0.00%
Published-17 Mar, 2022 | 20:33
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features.

Action-Not Available
Vendor-ligeo-archivesn/a
Product-ligeo_basicsn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-44139
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-77.66% / 98.95%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 16:50
Updated-04 Aug, 2024 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sentinel 1.8.2 is vulnerable to Server-side request forgery (SSRF).

Action-Not Available
Vendor-n/aHashiCorp, Inc.
Product-sentineln/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-43296
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.55% / 91.44%
||
7 Day CHG~0.00%
Published-30 Nov, 2021 | 18:40
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to an SSRF attack in ActionExecutor.

Action-Not Available
Vendor-n/aZoho Corporation Pvt. Ltd.
Product-manageengine_supportcenter_plusn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-0403
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.69% / 70.84%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 23:00
Updated-29 Nov, 2024 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_contact_center_expressunified_ip_interactive_voice_responseCisco Unified Contact Center Express unknown
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2018-0399
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.72% / 71.47%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 23:00
Updated-29 Nov, 2024 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. Cisco Bug IDs: CSCvg71044.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-finesseCisco Finesse unknown
CWE ID-CWE-264
Not Available
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-40822
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-93.25% / 99.80%
||
7 Day CHG~0.00%
Published-01 May, 2022 | 23:17
Updated-04 Aug, 2024 | 02:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host.

Action-Not Available
Vendor-osgeon/a
Product-geoservern/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-41587
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.64%
||
7 Day CHG~0.00%
Published-24 Sep, 2021 | 14:18
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources.

Action-Not Available
Vendor-n/aGradle, Inc.
Product-gradlen/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-40186
Matching Score-4
Assigner-AppCheck Ltd.
ShareView Details
Matching Score-4
Assigner-AppCheck Ltd.
CVSS Score-6.5||MEDIUM
EPSS-0.29% / 52.37%
||
7 Day CHG~0.00%
Published-31 May, 2022 | 18:09
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DNN CMS Server-Side Request Forgery (SSRF)

The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In the most common scenario, the attacker exploits SSRF vulnerabilities to attack systems behind the firewall and access sensitive information from Cloud Provider metadata services.

Action-Not Available
Vendor-ESW Operations, LLC ("DNN Software")
Product-dotnetnukeDNN Platform
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-38648
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.31%
||
7 Day CHG-0.02%
Published-22 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 11:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PDFTranscoder does not block external resources

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-batikdebian_linuxApache XML Graphics
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-29028
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.09% / 25.93%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 15:14
Updated-07 Jul, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
memos vulnerable to an SSRF in /o/get/httpmeta

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1.

Action-Not Available
Vendor-Usememos
Product-memosmemosmemos
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-37104
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.13% / 33.09%
||
7 Day CHG~0.00%
Published-28 Sep, 2021 | 14:01
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resource which the attacker are supposed not to do.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-p40p40_firmwareHUAWEI P40
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2017-3164
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-55.85% / 98.00%
||
7 Day CHG~0.00%
Published-08 Mar, 2019 | 21:00
Updated-16 Sep, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.

Action-Not Available
Vendor-The Apache Software Foundation
Product-solrApache Solr
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-24829
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.08% / 23.44%
||
7 Day CHG~0.00%
Published-08 Feb, 2024 | 23:44
Updated-01 Aug, 2024 | 23:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SSRF in Sentry via Phabricator integration

Sentry is an error tracking and performance monitoring platform. Sentry’s integration platform provides a way for external services to interact with Sentry. One of such integrations, the Phabricator integration (maintained by Sentry) with version <=24.1.1 contains a constrained SSRF vulnerability. An attacker could make Sentry send POST HTTP requests to arbitrary URLs (including internal IP addresses) by providing an unsanitized input to the Phabricator integration. However, the body payload is constrained to a specific format. If an attacker has access to a Sentry instance, this allows them to: 1. interact with internal network; 2. scan local/remote ports. This issue has been fixed in Sentry self-hosted release 24.1.2, and has already been mitigated on sentry.io on February 8. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-sentrygetsentry
Product-sentrysentry
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-33511
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.64%
||
7 Day CHG~0.00%
Published-21 May, 2021 | 21:32
Updated-03 Aug, 2024 | 23:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel.

Action-Not Available
Vendor-n/aPlone Foundation
Product-plonen/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-25241
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 61.13%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 19:36
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a sweep.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsworry-free_business_securityTrend Micro Apex OneTrend Micro Worry-Free Business Security
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-22970
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-0.39% / 58.94%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 18:08
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Concrete CMS (formerly concrete5) versions 8.5.6 and below and version 9.0.0 allow local IP importing causing the system to be vulnerable toa. SSRF attacks on the private LAN servers by reading files from the local LAN. An attacker can pivot in the private LAN and exploit local network appsandb. SSRF Mitigation Bypass through DNS RebindingConcrete CMS security team gave this a CVSS score of 3.5 AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:NConcrete CMS is maintaining Concrete version 8.5.x until 1 May 2022 for security fixes.This CVE is shared with HackerOne Reports https://hackerone.com/reports/1364797 and https://hackerone.com/reports/1360016Reporters: Adrian Tiron from FORTBRIDGE (https://www.fortbridge.co.uk/ ) and Bipul Jaiswal

Action-Not Available
Vendor-concretecmsn/a
Product-concrete_cmshttps://github.com/concrete5/concrete5
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-23664
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-8.6||HIGH
EPSS-0.29% / 52.01%
||
7 Day CHG~0.00%
Published-21 Jan, 2022 | 20:00
Updated-16 Sep, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-side Request Forgery (SSRF)

The package @isomorphic-git/cors-proxy before 2.7.1 are vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.

Action-Not Available
Vendor-isomorphic-gitn/a
Product-cors-proxy@isomorphic-git/cors-proxy
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-24150
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-43.25% / 97.41%
||
7 Day CHG~0.00%
Published-05 Apr, 2021 | 18:27
Updated-03 Aug, 2024 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF

The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery (SSRF).

Action-Not Available
Vendor-likebtn-like-button_projectUnknown
Product-likebtn-like-buttonLike Button Rating ♥ LikeBtn
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-52602
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5||MEDIUM
EPSS-0.10% / 28.34%
||
7 Day CHG+0.01%
Published-16 Jan, 2025 | 19:14
Updated-20 Aug, 2025 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-Side Request Forgery (SSRF) on redirects and federation in Matrix Media Repo

Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Matrix Media Repo (MMR) is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. This is fixed in MMR v1.3.8. Users are advised to upgrade. Restricting which hosts MMR is allowed to contact via (local) firewall rules or a transparent proxy and may provide a workaround for users unable to upgrade.

Action-Not Available
Vendor-t2bott2bot
Product-matrix-media-repomatrix-media-repo
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-51980
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.27%
||
7 Day CHG~0.00%
Published-25 Jun, 2025 | 07:22
Updated-26 Jun, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Server Side Request Forgery (SSRF) via WS-Addressing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service (HTTP TCP port 80) SOAP request. The attacker can not control the data sent in the SSRF connection, nor can the attacker receive any data back. This SSRF is suitable for TCP port scanning of an internal network when the Web service (HTTP TCP port 80) is exposed across a network segment.

Action-Not Available
Vendor-Toshiba TecFUJIFILM Business InnovationKonica Minolta, Inc.Brother Industries, LtdRicoh Company, Ltd.
Product-HL-L3210CWDCP-L2640DWMFC-L2690DWHL-L3295CDWTD-2320DSAMFC-L3745CDWDCP-T420WHL-J6010DWHL-EX470WHL-L8245CDWDCP-J572DWMFC-J893NMFC-J4440DWMFC-L2900DWDCP-L3528CDWMFC-L2886DWHL-L2386DWDCP-J4543NPT-E850TKW (for Vietnum)Apeos 4620 SXMFC-L8690CDWDCP-J982N-W/BHL-1210WEDocuPrint P118 wTD-2125NDocuPrint M265 zDocuPrint M115 zMFC-L5850DWDCP-T835DWHL-L5212DNMFC-T920DWDocuPrint M268 zDocuPrint M118 zMFC-J3530DWHL-L2370DWXLDocuPrint P378 dMFC-L2715DW(for Tiwan, Koria)MFC-J939DNDCP-T436WMFC-L2835DWMFC-L2922DWMFC-L2800DWDCP-L2660DWMFC-J4535DW(XL)HL-B2080DWMFC-J5830DWMFC-L6900DWMFC-L2765DWMFC-L2700DW(ASA)DCP-T820DWApeos 4620 SZPT-D800WMFC-J5335DWHL-L8260CDWHL-L6412DWDCP-L1632WApeos 4620 SDFMFC-L2960DWDCP-L2508DWHL-L2460DWDCP-J772DWMFC-L3755CDWMFC-T930DWPT-E550W (for US, EU)MFC-1916NWHL-L2375DWMFC-L8610CDWDCP-1617NWPT-E550W (for Tiwan, Hongkong)MFC-4340DWEDocuPrint P360 dwHL-1212WEMFC-J5930DWMFC-EX670WDCP-J4140NPT-P950NWMFC-J5800CDWDCP-L8410CDWDCP-B7600DBMFC-J815DW XLDCP-B7638DNSP 230DNwDCP-L2640DNHL-L9430CDNDCP-L2647DWTD-2350DFMFC-J2340DWDCP-J928N-WBDCP-L3560CDWHL-L3300CDWMFC-L2701DWHL-J7010CDWRJ-4250WBHL-L5215DNHL-L5102DWMFC-J7300CDWe-STUDIO302DNFHL-L6300DWTTD-2130NDCP-T435WDCP-L5650DNMFC-L6810DWPJ-773DocuPrint M375 zMFC-J2330DWMFC-1911NWMFC-L3750CDWMFC-L2760DWMFC-J4940DNPT-E550W (for Russia)PT-E800WMFC-L5710DNDCP-L1638WSP-1HL-L6310DWDocuPrint P260 dwDCP-T535DWMFC-J998DNHL-5595DNHHL-L2390DWQL-1115NWBDCP-1612WMFC-8540DNDCP-L5600DNMFC-J998DWNTD-2135NDCP-7180DNMFC-J5945DWDCP-7190DNMFC-L5702DWHL-L2371DNRJ-3150AiHL-L2365DWDocuPrint P268 dPT-E850TKW (for Tiwan)MFC-L6720DWMFC-J5955DWHL-L6250DNMFC-J1170DWMFC-J890DWMFC-L3730CDNMFC-L6902DWMFC-J5630CDWDCP-J1700DWDCP-L2531DWHL-L5050DNDCP-B7548WMFC-L9610CDNMFC-L6702DWDCP-J987N-BDCP-1618WHL-L5200DWDCP-T439WDocuPrint P268 dwHL-L5228DWMFC-9150CDNHL-L2461DNHL-L2395DWHL-L2365DWRMFC-J4540NDCP-J973N-W/BMFC-L8340CDWDCP-L2532DWRJ-2140HL-L9470CDNDCP-B7520DWMFC-J4345DW XLDCP-B7648DWHL-L3220CWEQL-810WcMFC-L3735CDNMFC-J7700CDWDCP-T825DWHL-L5100DNMFC-J898NHL-1212Wbizhub 3000MFMFC-L2750DWRDocuPrint M260 zHL-L2357DWDocuPrint P375 dwHL-B2100DBDCP-L2540DNRHL-L8360CDWTHL-L2325DWRJ-3050AiQL-1110NWBcMFC-L6820DWMFC-7890DNMFC-J1215WMFC-L5710DWMFC-L5902DWMFC-L2740DWRHL-1223WRDCP-L3555CDWDCP-T735DWMFC-J6945DWMFC-B7811DWRJ-2050HL-L6410DNMFC-L5802DWHL-B2181DWMFC-L5912DWMFC-L5715DWMFC-J2740DWMFC-J805DWMFC-L2820DWXLHL-L8230CDWMFC-L2900DWXLMFC-J6980CDWDCP-J577NHL-L6415DWTD-2320DHL-L1230WDCP-T428WMFC-J6999CDWDCP-J981NDCP-L2551DWDocuPrint M378 dSP-1 (for Japan)DCP-J582NHL-L3240CDWMFC-J3540DWDocuPrint P285 dwDocuPrint P288 dwDCP-T525WDCP-J1203NHL-L2460DNDCP-T710W(for China)DCP-J1200W(XL)MFC-J4440NHL-L6415DWTMFC-J995DWTD-4420DNZDCP-B7578DWMFC-J6930DWMFC-J904NHL-L6217DWMFC-L6800DWHL-L6202DWHL-L2460DWXLMFC-L2712DNDCP-L5602DNDCP-T725DWDocuPrint P235 dHL-2595DWHL-L2467DWHL-L2351DWMFC-L2740DWPT-E850TKW (for UAE)MFC-L2710DWRHL-5590DNMFC-J6583CDWDCP-T510WQL-1110NWBMFC-L2827DWTD-2350DSADCP-L5518DNMFC-J1800DWQL-820NWBHL-L8260CDNDCP-1612WRDocuPrint M378 dfHL-L2352DWMFC-T910DWMFC-J4443NDocuPrint P388 dwMFC-J6535DWDCP-J972NMFC-L5755DWDCP-T520WMFC-L2685DWMFC-L2730DNMFC-L2827DWXLHL-1223WERJ-3050bizhub 5020iHL-L2366DWTD-4420DNDCP-T425WDCP-J987N-WMFC-J5855DW XLMFC-J7500CDWDocuPrint M225 dwTD-2350DDCP-L2550DW(TWN)HL-L3280CDWMFC-J905NMFC-T925DWDocuPrint P275 dwMFC-L2862DWDCP-J914NMFC-L2771DWHL-L2440DWMFC-L6970DWMFC-J6995CDWMFC-L2980DWHL-L2370DWMFC-J4540DW(XL)DCP-L2535DWHL-L6210DWMFC-T4500DWMFC-L2770DWHL-L6402DWMFC-L9630CDNMFC-L5728DWDCP-L2520DWRDCP-L2551DNDCP-L2518DWHL-L2447DWMFC-J1605DNHL-1210WMFC-L2732DWDCP-L3550CDWMFC-J6957DWHL-L2420DWDCP-7189DWHL-L9410CDNDCP-L2530DWDCP-L1630WHL-L1238WMFC-L6750DWMFC-1910WEDCP-L3510CDWMFC-J995DW XLMFC-L6710DWMFC-J3930DWe-STUDIO301DNDCP-L2627DWEPT-E550W (for Vietnum)HL-L3290CDWDocuPrint M225 zDCP-L2548DWMFC-L5717DWHL-2569DWDCP-1610WRMFC-J5345DWDCP-T236HL-B2150WDCP-C1210NMFC-J5740DWMFC-L2717DWMFC-L5750DWMFC-L5900DWDCP-L2550DNMFC-L3770CDWDCP-J1800DWHL-L5210DNMFC-J6947DWHL-EX415DWHL-J6000CDWDCP-L2560DWRHL-1212WRHL-L2405WHL-L6210DWTHL-L6400DWMFC-L2751DWFAX-L2710DNDCP-L2680DWMFC-L6912DWMFC-L2720DWRHL-L5212DWDCP-J978N-W/BMFC-B7800DNMFC-L8390CDWTD-2310DDCP-L2560DWHL-B2180DWBHL-1218WMFC-7880DNHL-3190CDWMFC-1910WDocuPrint M275 zMFC-J5845DW(XL)DCP-C421WDCP-9030CDNHL-L3288CDWMFC-J5340DWMFC-J6959DWMFC-7895DWApeosPrint 4620 SDWMFC-L2807DWbizhub 4020iDCP-J526NMFC-1915WHL-L2370DNHL-L1808WMFC-L8610CDW(for Japan)DCP-L2600DWHL-B2158WMFC-T935DWMFC-L9635CDNDCP-L5660DNDCP-J915NDCP-L2627DWXLDCP-T830DWDocuPrint P378 dwDCP-L2550DWMFC-L6915DN CSPMFC-L2730DWRHL-1222WEMFC-J6530DWHL-B2180DWHL-L2376DWMFC-7889DWDCP-1612WEHL-L2380DWHL-L6200DWQL-820NWBcDCP-1623WRMFC-J5340DWEbizhub 5000iMFC-J1500NDCP-L5512DNNFC-J903NHL-B2188DWbizhub 3080MFMFC-L3740CDWEDCP-J1200WEMFC-B7810DWBMFC-J5730DWMFC-J690DWHL-L2350DWMFC-L2750DWXLHL-1210WRDCP-T226MFC-L6915DNRJ-3150MFC-L5915DWHL-L6418DWDCP-L5510DWMFC-L2885DWHL-L2425DWADS-3000NTD-2350DFSAHL-L3270CDWMFC-L2730DWDCP-T710WHL-L3220CDWMFC-L2860DWDCP-T536DWDocuPrint M285 zHL-L6300DWMFC-L5800DWRJ-2150HL-L6450DWDCP-L3520CDWMFC-L2817DWDCP-J528NMFC-L2710DNDCP-L2550DNRDocuPrint P385 dwMFC-EX910DocuPrint P225 dMFC-L3740CDWDCP-L3515CDWMFC-L2820DWDCP-L1848Wbizhub 4000iMFC-L5700DNDocuPrint M288 dwDocuPrint M385 zMFC-J939DWNDCP-L5510DNHL-L6400DWTPT-P750WDCP-B7658DWDocuPrint M375 dfDCP-L2628DWM 340WMFC-L2860DWEMFC-J738DNHL-L2400DWEMFC-L2880DWDCP-L2605DWHL-L5210DWTMFC-L6950DWDCP-L2648DWDCP-J4143NMFC-L2680WHL-2590DNHL-L3220CWMFC-L3710CDWMFC-L2750DWMFC-B7720DNTD-4550DNWBMFC-T810W(for China)DCP-1610WEPT-E850TKW (for Thailand)HL-L2360DNRMFC-L2716DWPT-E550W (for Koria)HL-L6200DWTHL-L5100DNTDocuPrint P375 dDCP-L2622DWHL-L6250DWDocuPrint M115 fwHL-L5218DNMFC-L9570CDW(for Japan)HL-L2480DWMFC-L2710DWM 340FWDCP-1616NWHL-L2372DNHL-L1232WMFC-L3780CDWMFC-L2805DWMFC-L2710DNRMFC-J6935DWHL-L3228CDWDCP-L2540DWHL-L9310CDWMFC-J3940DWMFC-J6555DW XLMFC-J6580CDWHL-L8360CDWADS-3600WMFC-L8900CDWMFC-J491DWDCP-T510W(for China)MFC-J1010DWDCP-1615NWHL-B2100DMFC-L6915DWDCP-J1200NDCP-L3520CDWEHL-L2865DWMFC-L2720DNDCP-T230DCP-L2520DWMFC-L2920DWDCP-1622WEMFC-L6900DWGMFC-J895DWMFC-B7810DWMFC-L3720CDWHL-L8240CDWDCP-T430WMFC-L3760CDWHL-L2360DWMFC-L3765CDWMFC-J6997CDWFAX-L2700DNDocuPrint M115 wDCP-B7558WDCP-L2600DNFC-EX670MFC-J805DW XLDCP-B7608WPT-E850TKW (for China)DCP-7190DWMFC-L2700DNMFC-J6730DWDCP-B7640DWDCP-J774DWMFC-L2712DWMFC-1919NWDCP-L2552DNMFC-J1012DWHL-2560DNHL-L2305WHL-L2385DWMFC-L2713DWDCP-L2625DWDCP-B7530DNFAX-L2800DWMFC-L2802DNMFC-J6983CDWMFC-J739DNHL-L3230CDWMFC-J6555DWDCP-T720DWDCP-L2627DWMFC-L5718DNMFC-L5715DNDCP-J1100DWDocuPrint M235 dwHL-L6400DWGApeosPrint 4620 SDN (For Asia-Pacific)PT-E550W (for Thailand)HL-J6000DWHL-L2370DNRDCP-B7620DWBDCP-7195DWHL-L6415DNHL-L2445DWMFC-J6940DWDCP-T238HL-L3230CDNDocuPrint P265 dwHL-L5210DWDCP-B7535DWMFC-J4335DW(XL)MFC-J6740DWMFC-L9670CDNDocuPrint M118 wHL-L5215DWMFC-L2700DWRTD-4520DNMFC-1911WMFC-J926N-WBMFC-L2707DWADS-2800WMFC-EX915DWMFC-L2802DWRJ-3250WBMFC-J1300DWMFC-L2861DWDCP-1623WEMFC-T810WDCP-L2620DWMFC-L9570CDWMFC-J2730DWDCP-T225ADS-2400NDCP-7090DWMFC-J7100CDWMFC-L6700DWDCP-T730DWMFC-J1205W(XL)MFC-L3768CDWMFC-J739DWNDCP-B7628DWDCP-B7640DWBMFC-L2700DWMFC-L5700DWMFC-J6955DWMFC-L2715DWDCP-B7650DWMFC-L2703DWHL-L2340DWRDocuPrint M268 dwDCP-L3517CDWDCP-L2541DWMFC-J5855DWMFC-J497DWDocuPrint P115 wDCP-J988NMFC-J6540DWEDCP-L2540DNDCP-L2665DWPT-E850TKW (for Asia pacific, EU, US)HL-3160CDWDCP-L5662DNMFC-L9577CDWHL-L2400DWDCP-L3551CDWDocuPrint M288 zQL-810WHL-L5202DWMFC-J4340DW(XL)MFC-B7715DWDCP-T426WP 201WDCP-L5500DNSP 230SFNwMFC-J7600CDWDCP-B7600DDCP-L6600DWHL-L2340DWMFC-L2880DWXLPT-E550W (for China)ApeosPrint 4620 SDN (For China)MFC-J6540DWHL-JF1MFC-J5330DWPJ-883DCP-L3568CDWHL-L2375DWRDCP-L5502DNMFC-L2806DWMFC-9350CDWHL-T4000DWTD-2120NMFC-1912WRHL-L6415DN CSPPT-E850TKW (for Koria)HL-B2050DNMFC-L2705DWDCP-J587NHL-L2315DWDocuPrint M235 zTD-2320DFMFC-L6910DNMFC-L2720DWPT-P900WcDCP-J572NDCP-L2530DWRHL-5595DNHL-L5200DWTDCP-J1800NHL-L2360DNDCP-T530DWHL-J6100DWDCP-B7620DWDCP-L5652DNDCP-L5610DNHL-1211WHL-L2464DWHL-L3215CWHL-L2350DWRDCP-L2537DWMFC-L8395CDWMFC-J738DWNHL-L2465DWHL-L2475DWPT-P900WDCP-J1050DWDCP-T220DCP-J1140DWMFC-8530DNDCP-1610W
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-51981
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 34.68%
||
7 Day CHG~0.00%
Published-25 Jun, 2025 | 07:23
Updated-26 Jun, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Server Side Request Forgery (SSRF) via WS-Eventing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, and Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control all the HTTP data sent in the SSRF connection, but the attacker can not receive any data back from this connection.

Action-Not Available
Vendor-Toshiba TecFUJIFILM Business InnovationKonica Minolta, Inc.Brother Industries, LtdRicoh Company, Ltd.
Product-HL-L3210CWDCP-L2640DWMFC-L2690DWHL-L3295CDWTD-2320DSAMFC-L3745CDWDCP-T420WHL-J6010DWHL-EX470WHL-L8245CDWDCP-J572DWMFC-J893NMFC-J4440DWMFC-L2900DWDCP-L3528CDWMFC-L2886DWHL-L2386DWDCP-J4543NPT-E850TKW (for Vietnum)MFC-L8690CDWDCP-J982N-W/BHL-1210WEDocuPrint P118 wTD-2125NDocuPrint M265 zDocuPrint M115 zMFC-L5850DWDCP-T835DWHL-L5212DNMFC-T920DWDocuPrint M268 zDocuPrint M118 zMFC-J3530DWHL-L2370DWXLDocuPrint P378 dMFC-L2715DW(for Tiwan, Koria)MFC-J939DNDCP-T436WMFC-L2835DWMFC-L2922DWMFC-L2800DWDCP-L2660DWMFC-J4535DW(XL)HL-B2080DWMFC-J5830DWMFC-L6900DWMFC-L2765DWMFC-L2700DW(ASA)DCP-T820DWPT-D800WMFC-J5335DWHL-L8260CDWHL-L6412DWDCP-L1632WMFC-L2960DWDCP-L2508DWHL-L2460DWDCP-J772DWMFC-L3755CDWMFC-T930DWPT-E550W (for US, EU)MFC-1916NWHL-L2375DWMFC-L8610CDWDCP-1617NWPT-E550W (for Tiwan, Hongkong)MFC-4340DWEDocuPrint P360 dwHL-1212WEMFC-J5930DWMFC-EX670WDCP-J4140NPT-P950NWMFC-J5800CDWDCP-L8410CDWDCP-B7600DBMFC-J815DW XLDCP-B7638DNSP 230DNwDCP-L2640DNHL-L9430CDNDCP-L2647DWTD-2350DFMFC-J2340DWDCP-J928N-WBDCP-L3560CDWHL-L3300CDWMFC-L2701DWHL-J7010CDWRJ-4250WBHL-L5215DNHL-L5102DWMFC-J7300CDWe-STUDIO302DNFHL-L6300DWTTD-2130NDCP-T435WDCP-L5650DNMFC-L6810DWPJ-773DocuPrint M375 zMFC-J2330DWMFC-1911NWMFC-L3750CDWMFC-L2760DWMFC-J4940DNPT-E550W (for Russia)PT-E800WMFC-L5710DNDCP-L1638WSP-1HL-L6310DWDocuPrint P260 dwDCP-T535DWMFC-J998DNHL-5595DNHHL-L2390DWQL-1115NWBDCP-1612WMFC-8540DNDCP-L5600DNMFC-J998DWNTD-2135NDCP-7180DNMFC-J5945DWDCP-7190DNMFC-L5702DWHL-L2371DNRJ-3150AiHL-L2365DWDocuPrint P268 dPT-E850TKW (for Tiwan)MFC-L6720DWMFC-J5955DWHL-L6250DNMFC-J1170DWMFC-J890DWMFC-L3730CDNMFC-L6902DWMFC-J5630CDWDCP-J1700DWDCP-L2531DWHL-L5050DNDCP-B7548WMFC-L9610CDNMFC-L6702DWDCP-J987N-BDCP-1618WHL-L5200DWDCP-T439WDocuPrint P268 dwHL-L5228DWMFC-9150CDNHL-L2461DNHL-L2395DWHL-L2365DWRMFC-J4540NDCP-J973N-W/BMFC-L8340CDWDCP-L2532DWRJ-2140HL-L9470CDNDCP-B7520DWMFC-J4345DW XLDCP-B7648DWHL-L3220CWEQL-810WcMFC-L3735CDNMFC-J7700CDWDCP-T825DWHL-L5100DNMFC-J898NHL-1212Wbizhub 3000MFMFC-L2750DWRDocuPrint M260 zHL-L2357DWDocuPrint P375 dwHL-B2100DBDCP-L2540DNRHL-L8360CDWTHL-L2325DWRJ-3050AiQL-1110NWBcMFC-L6820DWMFC-7890DNMFC-J1215WMFC-L5710DWMFC-L5902DWMFC-L2740DWRHL-1223WRDCP-L3555CDWDCP-T735DWMFC-J6945DWMFC-B7811DWRJ-2050HL-L6410DNMFC-L5802DWHL-B2181DWMFC-L5912DWMFC-L5715DWMFC-J2740DWMFC-J805DWMFC-L2820DWXLHL-L8230CDWMFC-L2900DWXLMFC-J6980CDWDCP-J577NHL-L6415DWTD-2320DHL-L1230WDCP-T428WMFC-J6999CDWDCP-J981NDCP-L2551DWDocuPrint M378 dSP-1 (for Japan)DCP-J582NHL-L3240CDWMFC-J3540DWDocuPrint P285 dwDocuPrint P288 dwDCP-T525WDCP-J1203NHL-L2460DNDCP-T710W(for China)DCP-J1200W(XL)MFC-J4440NHL-L6415DWTMFC-J995DWTD-4420DNZDCP-B7578DWMFC-J6930DWMFC-J904NHL-L6217DWMFC-L6800DWHL-L6202DWHL-L2460DWXLMFC-L2712DNDCP-L5602DNDCP-T725DWDocuPrint P235 dHL-2595DWHL-L2467DWHL-L2351DWMFC-L2740DWPT-E850TKW (for UAE)MFC-L2710DWRHL-5590DNMFC-J6583CDWDCP-T510WQL-1110NWBMFC-L2827DWTD-2350DSADCP-L5518DNMFC-J1800DWQL-820NWBHL-L8260CDNDCP-1612WRDocuPrint M378 dfHL-L2352DWMFC-T910DWMFC-J4443NDocuPrint P388 dwMFC-J6535DWDCP-J972NMFC-L5755DWDCP-T520WMFC-L2685DWMFC-L2730DNMFC-L2827DWXLHL-1223WERJ-3050bizhub 5020iHL-L2366DWTD-4420DNDCP-T425WDCP-J987N-WMFC-J5855DW XLMFC-J7500CDWDocuPrint M225 dwTD-2350DDCP-L2550DW(TWN)HL-L3280CDWMFC-J905NMFC-T925DWDocuPrint P275 dwMFC-L2862DWDCP-J914NMFC-L2771DWHL-L2440DWMFC-L6970DWMFC-J6995CDWMFC-L2980DWHL-L2370DWMFC-J4540DW(XL)DCP-L2535DWHL-L6210DWMFC-T4500DWMFC-L2770DWHL-L6402DWMFC-L9630CDNMFC-L5728DWDCP-L2520DWRDCP-L2551DNDCP-L2518DWHL-L2447DWMFC-J1605DNHL-1210WMFC-L2732DWDCP-L3550CDWMFC-J6957DWHL-L2420DWDCP-7189DWHL-L9410CDNDCP-L2530DWDCP-L1630WHL-L1238WMFC-L6750DWMFC-1910WEDCP-L3510CDWMFC-J995DW XLMFC-L6710DWMFC-J3930DWe-STUDIO301DNDCP-L2627DWEPT-E550W (for Vietnum)HL-L3290CDWDocuPrint M225 zDCP-L2548DWMFC-L5717DWHL-2569DWDCP-1610WRMFC-J5345DWDCP-T236HL-B2150WDCP-C1210NMFC-J5740DWMFC-L2717DWMFC-L5750DWMFC-L5900DWDCP-L2550DNMFC-L3770CDWDCP-J1800DWHL-L5210DNMFC-J6947DWHL-EX415DWHL-J6000CDWDCP-L2560DWRHL-1212WRHL-L2405WHL-L6210DWTHL-L6400DWMFC-L2751DWFAX-L2710DNDCP-L2680DWMFC-L6912DWMFC-L2720DWRHL-L5212DWDCP-J978N-W/BMFC-B7800DNMFC-L8390CDWTD-2310DDCP-L2560DWHL-B2180DWBHL-1218WMFC-7880DNHL-3190CDWMFC-1910WDocuPrint M275 zMFC-J5845DW(XL)DCP-C421WDCP-9030CDNHL-L3288CDWMFC-J5340DWMFC-J6959DWMFC-7895DWMFC-L2807DWbizhub 4020iDCP-J526NMFC-1915WHL-L2370DNHL-L1808WMFC-L8610CDW(for Japan)DCP-L2600DWHL-B2158WMFC-T935DWMFC-L9635CDNDCP-L5660DNDCP-J915NDCP-L2627DWXLDCP-T830DWDocuPrint P378 dwDCP-L2550DWMFC-L6915DN CSPMFC-L2730DWRHL-1222WEMFC-J6530DWHL-B2180DWHL-L2376DWMFC-7889DWDCP-1612WEHL-L2380DWHL-L6200DWQL-820NWBcDCP-1623WRMFC-J5340DWEbizhub 5000iMFC-J1500NDCP-L5512DNNFC-J903NHL-B2188DWbizhub 3080MFMFC-L3740CDWEDCP-J1200WEMFC-B7810DWBMFC-J5730DWMFC-J690DWHL-L2350DWMFC-L2750DWXLHL-1210WRDCP-T226MFC-L6915DNRJ-3150MFC-L5915DWHL-L6418DWDCP-L5510DWMFC-L2885DWHL-L2425DWADS-3000NTD-2350DFSAHL-L3270CDWMFC-L2730DWDCP-T710WHL-L3220CDWMFC-L2860DWDCP-T536DWDocuPrint M285 zHL-L6300DWMFC-L5800DWRJ-2150HL-L6450DWDCP-L3520CDWMFC-L2817DWDCP-J528NMFC-L2710DNDCP-L2550DNRDocuPrint P385 dwMFC-EX910DocuPrint P225 dMFC-L3740CDWDCP-L3515CDWMFC-L2820DWDCP-L1848Wbizhub 4000iMFC-L5700DNDocuPrint M288 dwDocuPrint M385 zMFC-J939DWNDCP-L5510DNHL-L6400DWTPT-P750WDCP-B7658DWDocuPrint M375 dfDCP-L2628DWM 340WMFC-L2860DWEMFC-J738DNHL-L2400DWEMFC-L2880DWDCP-L2605DWHL-L5210DWTMFC-L6950DWDCP-L2648DWDCP-J4143NMFC-L2680WHL-2590DNHL-L3220CWMFC-L3710CDWMFC-L2750DWMFC-B7720DNTD-4550DNWBMFC-T810W(for China)DCP-1610WEPT-E850TKW (for Thailand)HL-L2360DNRMFC-L2716DWPT-E550W (for Koria)HL-L6200DWTHL-L5100DNTDocuPrint P375 dDCP-L2622DWHL-L6250DWDocuPrint M115 fwHL-L5218DNMFC-L9570CDW(for Japan)HL-L2480DWMFC-L2710DWM 340FWDCP-1616NWHL-L2372DNHL-L1232WMFC-L3780CDWMFC-L2805DWMFC-L2710DNRMFC-J6935DWHL-L3228CDWDCP-L2540DWHL-L9310CDWMFC-J3940DWMFC-J6555DW XLMFC-J6580CDWHL-L8360CDWADS-3600WMFC-L8900CDWMFC-J491DWDCP-T510W(for China)MFC-J1010DWDCP-1615NWHL-B2100DMFC-L6915DWDCP-J1200NDCP-L3520CDWEHL-L2865DWMFC-L2720DNDCP-T230DCP-L2520DWMFC-L2920DWDCP-1622WEMFC-L6900DWGMFC-J895DWMFC-B7810DWMFC-L3720CDWHL-L8240CDWDCP-T430WMFC-L3760CDWHL-L2360DWMFC-L3765CDWMFC-J6997CDWFAX-L2700DNDocuPrint M115 wDCP-B7558WDCP-L2600DNFC-EX670MFC-J805DW XLDCP-B7608WPT-E850TKW (for China)DCP-7190DWMFC-L2700DNMFC-J6730DWDCP-B7640DWDCP-J774DWMFC-L2712DWMFC-1919NWDCP-L2552DNMFC-J1012DWHL-2560DNHL-L2305WHL-L2385DWMFC-L2713DWDCP-L2625DWDCP-B7530DNFAX-L2800DWMFC-L2802DNMFC-J6983CDWMFC-J739DNHL-L3230CDWMFC-J6555DWDCP-T720DWDCP-L2627DWMFC-L5718DNMFC-L5715DNDCP-J1100DWDocuPrint M235 dwHL-L6400DWGPT-E550W (for Thailand)HL-J6000DWHL-L2370DNRDCP-B7620DWBDCP-7195DWHL-L6415DNHL-L2445DWMFC-J6940DWDCP-T238HL-L3230CDNDocuPrint P265 dwHL-L5210DWDCP-B7535DWMFC-J4335DW(XL)MFC-J6740DWMFC-L9670CDNDocuPrint M118 wHL-L5215DWMFC-L2700DWRTD-4520DNMFC-1911WMFC-J926N-WBMFC-L2707DWADS-2800WMFC-EX915DWMFC-L2802DWRJ-3250WBMFC-J1300DWMFC-L2861DWDCP-1623WEMFC-T810WDCP-L2620DWMFC-L9570CDWMFC-J2730DWDCP-T225ADS-2400NDCP-7090DWMFC-J7100CDWMFC-L6700DWDCP-T730DWMFC-J1205W(XL)MFC-L3768CDWMFC-J739DWNDCP-B7628DWDCP-B7640DWBMFC-L2700DWMFC-L5700DWMFC-J6955DWMFC-L2715DWDCP-B7650DWMFC-L2703DWHL-L2340DWRDocuPrint M268 dwDCP-L3517CDWDCP-L2541DWMFC-J5855DWMFC-J497DWDocuPrint P115 wDCP-J988NMFC-J6540DWEDCP-L2540DNDCP-L2665DWPT-E850TKW (for Asia pacific, EU, US)HL-3160CDWDCP-L5662DNMFC-L9577CDWHL-L2400DWDCP-L3551CDWDocuPrint M288 zQL-810WHL-L5202DWMFC-J4340DW(XL)MFC-B7715DWDCP-T426WP 201WDCP-L5500DNSP 230SFNwMFC-J7600CDWDCP-B7600DDCP-L6600DWHL-L2340DWMFC-L2880DWXLPT-E550W (for China)MFC-J6540DWHL-JF1MFC-J5330DWPJ-883DCP-L3568CDWHL-L2375DWRDCP-L5502DNMFC-L2806DWMFC-9350CDWHL-T4000DWTD-2120NMFC-1912WRHL-L6415DN CSPPT-E850TKW (for Koria)HL-B2050DNMFC-L2705DWDCP-J587NHL-L2315DWDocuPrint M235 zTD-2320DFMFC-L6910DNMFC-L2720DWPT-P900WcDCP-J572NDCP-L2530DWRHL-5595DNHL-L5200DWTDCP-J1800NHL-L2360DNDCP-T530DWHL-J6100DWDCP-B7620DWDCP-L5652DNDCP-L5610DNHL-1211WHL-L2464DWHL-L3215CWHL-L2350DWRDCP-L2537DWMFC-L8395CDWMFC-J738DWNHL-L2465DWHL-L2475DWPT-P900WDCP-J1050DWDCP-T220DCP-J1140DWMFC-8530DNDCP-1610W
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CWE ID-CWE-93
Improper Neutralization of CRLF Sequences ('CRLF Injection')
CVE-2024-4894
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 38.01%
||
7 Day CHG~0.00%
Published-15 May, 2024 | 02:53
Updated-01 Aug, 2024 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ITPison OMICARD EDM - Server-Side Request Forgery

ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables attackers to probe internal network information.

Action-Not Available
Vendor-ITPisonitpison
Product-OMICARD EDMomicard_edm
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2017-7200
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.8||MEDIUM
EPSS-0.38% / 58.31%
||
7 Day CHG~0.00%
Published-21 Mar, 2017 | 06:21
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service.

Action-Not Available
Vendor-n/aOpenStack
Product-glancen/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-15823
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.00% / 0.08%
||
7 Day CHG~0.00%
Published-08 Aug, 2020 | 20:17
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.

Action-Not Available
Vendor-n/aJetBrains s.r.o.
Product-youtrackn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-29357
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.6||HIGH
EPSS-0.25% / 47.97%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 18:59
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9.0 (and LifeTime management console before 11.7.0) allows SSRF for arbitrary outbound HTTP requests.

Action-Not Available
Vendor-outsystemsn/a
Product-lifetime_management_consoleoutsystemsplatform_servern/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-25236
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 61.13%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 19:36
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a specific sweep.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-windowsworry-free_business_securityofficescanTrend Micro OfficeScanTrend Micro Worry-Free Business Security
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-6308
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-5.3||MEDIUM
EPSS-84.44% / 99.28%
||
7 Day CHG~0.00%
Published-20 Oct, 2020 | 13:31
Updated-04 Aug, 2024 | 08:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.

Action-Not Available
Vendor-SAP SE
Product-businessobjects_business_intelligence_platformSAP BusinessObjects Business Intelligence Platform (Web Services)
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-35558
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.37% / 57.96%
||
7 Day CHG~0.00%
Published-16 Feb, 2021 | 15:26
Updated-16 Sep, 2024 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SSRF in products of MB connect line and Helmholz

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. There is an SSRF in the in the MySQL access check, allowing an attacker to scan for open ports and gain some information about possible credentials.

Action-Not Available
Vendor-mbconnectlinehelmholzn/a
Product-myrex24.virtualmymbconnect24myrex24mbconnect24n/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2019-6516
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.8||MEDIUM
EPSS-0.26% / 48.62%
||
7 Day CHG~0.00%
Published-14 May, 2019 | 14:50
Updated-30 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to force the application to perform requests to the internal workstation (port-scanning) and to perform requests to adjacent workstations (network-scanning), aka SSRF.

Action-Not Available
Vendor-n/aWSO2 LLC
Product-dashboard_servern/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2017-18638
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-90.80% / 99.61%
||
7 Day CHG~0.00%
Published-11 Oct, 2019 | 22:01
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.

Action-Not Available
Vendor-graphite_projectn/a
Product-graphiten/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found