Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-46830

Summary
Assigner-JetBrains
Assigner Org ID-547ada31-17d8-4964-bc5f-1b8238ba8014
Published At-08 Dec, 2022 | 17:38
Updated At-23 Apr, 2025 | 14:22
Rejected At-
Credits

In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:JetBrains
Assigner Org ID:547ada31-17d8-4964-bc5f-1b8238ba8014
Published At:08 Dec, 2022 | 17:38
Updated At:23 Apr, 2025 | 14:22
Rejected At:
▼CVE Numbering Authority (CNA)

In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.

Affected Products
Vendor
JetBrains s.r.o.JetBrains
Product
TeamCity
Default Status
unaffected
Versions
Affected
  • From 2022.10 before 2022.10.1 (semver)
Problem Types
TypeCWE IDDescription
N/AN/ACWE-918
Type: N/A
CWE ID: N/A
Description: CWE-918
Metrics
VersionBase scoreBase severityVector
3.14.1MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Version: 3.1
Base score: 4.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.jetbrains.com/privacy-security/issues-fixed/
N/A
Hyperlink: https://www.jetbrains.com/privacy-security/issues-fixed/
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.jetbrains.com/privacy-security/issues-fixed/
x_transferred
Hyperlink: https://www.jetbrains.com/privacy-security/issues-fixed/
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@jetbrains.com
Published At:08 Dec, 2022 | 18:15
Updated At:12 Dec, 2022 | 16:35

In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Secondary3.14.1MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 4.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
CPE Matches
JetBrains s.r.o.
jetbrains
>>teamcity>>Versions from 2022.10(inclusive) to 2022.10.1(inclusive)
cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-918Primarynvd@nist.gov
CWE-918Secondarycve@jetbrains.com
CWE ID: CWE-918
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-918
Type: Secondary
Source: cve@jetbrains.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.jetbrains.com/privacy-security/issues-fixed/cve@jetbrains.com
Vendor Advisory
Hyperlink: https://www.jetbrains.com/privacy-security/issues-fixed/
Source: cve@jetbrains.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

151Records found
CVE-2020-28978
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-9.16% / 92.36%
||
7 Day CHG~0.00%
Published-30 Nov, 2020 | 13:21
Updated-04 Aug, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/tree.php?subdomain=SSRF.

Action-Not Available
Vendor-canton/a
Product-canton/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-26811
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-5.3||MEDIUM
EPSS-0.80% / 73.18%
||
7 Day CHG~0.00%
Published-10 Nov, 2020 | 16:12
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP Commerce Cloud (Accelerator Payment Mock), versions - 1808, 1811, 1905, 2005, allows an unauthenticated attacker to submit a crafted request over a network to a particular SAP Commerce module URL which will be processed without further interaction, the crafted request leads to Server Side Request Forgery attack which could lead to retrieval of limited pieces of information about the service with no impact on integrity or availability.

Action-Not Available
Vendor-SAP SE
Product-commerce_cloud_\(accelerator_payment_mock\)SAP Commerce Cloud (Accelerator Payment Mock)
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-24710
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.30% / 52.70%
||
7 Day CHG~0.00%
Published-28 Oct, 2020 | 19:33
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gophish before 0.11.0 allows SSRF attacks.

Action-Not Available
Vendor-getgophishn/a
Product-gophishn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-24354
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 3.48%
||
7 Day CHG~0.00%
Published-27 Jan, 2025 | 17:23
Updated-12 Feb, 2025 | 20:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
imgproxy is vulnerable to SSRF against 0.0.0.0

imgproxy is server for resizing, processing, and converting images. Imgproxy does not block the 0.0.0.0 address, even with IMGPROXY_ALLOW_LOOPBACK_SOURCE_ADDRESSES set to false. This can expose services on the local host. This vulnerability is fixed in 3.27.2.

Action-Not Available
Vendor-imgproxy
Product-imgproxy
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-27622
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-4.1||MEDIUM
EPSS-0.20% / 42.32%
||
7 Day CHG+0.01%
Published-25 Oct, 2022 | 16:30
Updated-07 May, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Server-Side Request Forgery (SSRF) vulnerability in Package Center functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to access intranet resources via unspecified vectors.

Action-Not Available
Vendor-Synology, Inc.
Product-diskstation_managerDiskStation Manager (DSM)
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-56275
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-4.1||MEDIUM
EPSS-0.07% / 21.12%
||
7 Day CHG~0.00%
Published-07 Jan, 2025 | 10:49
Updated-07 Jan, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Envato Elements plugin <= 2.0.14 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side Request Forgery.This issue affects Envato Elements: from n/a through 2.0.14.

Action-Not Available
Vendor-Envato
Product-Envato Elements
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-21122
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 45.38%
||
7 Day CHG~0.00%
Published-15 Sep, 2021 | 16:16
Updated-04 Aug, 2024 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.

Action-Not Available
Vendor-ureport_projectn/a
Product-ureportn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-23330
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 36.94%
||
7 Day CHG~0.00%
Published-23 Jan, 2024 | 17:22
Updated-30 May, 2025 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tuta loads images from external resources

Tuta is an encrypted email service. In versions prior to 119.10, an attacker can attach an image in a html mail which is loaded from external resource in the default setting, which should prevent loading of external resources. When displaying emails containing external content, they should be loaded by default only after confirmation by the user. However, it could be recognized that certain embedded images (see PoC) are loaded, even though the "Automatic Reloading of Images" function is disabled by default. The reloading is also done unencrypted via HTTP and redirections are followed. This behavior is unexpected for the user, since the user assumes that external content will only be loaded after explicit manual confirmation. The loading of external content in e-mails represents a risk, because this makes the sender aware that the e-mail address is used, when the e-mail was read, which device is used and expose the user's IP address. Version 119.10 contains a patch for this issue.

Action-Not Available
Vendor-tutatutao
Product-tutanotatutanota
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-51981
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 34.68%
||
7 Day CHG~0.00%
Published-25 Jun, 2025 | 07:23
Updated-26 Jun, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Server Side Request Forgery (SSRF) via WS-Eventing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, and Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control all the HTTP data sent in the SSRF connection, but the attacker can not receive any data back from this connection.

Action-Not Available
Vendor-Brother Industries, LtdToshiba TecFUJIFILM Business InnovationKonica Minolta, Inc.Ricoh Company, Ltd.
Product-HL-L3210CWDCP-L2640DWMFC-L2690DWHL-L3295CDWTD-2320DSAMFC-L3745CDWDCP-T420WHL-J6010DWHL-EX470WHL-L8245CDWDCP-J572DWMFC-J893NMFC-J4440DWMFC-L2900DWDCP-L3528CDWMFC-L2886DWHL-L2386DWDCP-J4543NPT-E850TKW (for Vietnum)MFC-L8690CDWDCP-J982N-W/BHL-1210WEDocuPrint P118 wTD-2125NDocuPrint M265 zDocuPrint M115 zMFC-L5850DWDCP-T835DWHL-L5212DNMFC-T920DWDocuPrint M268 zDocuPrint M118 zMFC-J3530DWHL-L2370DWXLDocuPrint P378 dMFC-L2715DW(for Tiwan, Koria)MFC-J939DNDCP-T436WMFC-L2835DWMFC-L2922DWMFC-L2800DWDCP-L2660DWMFC-J4535DW(XL)HL-B2080DWMFC-J5830DWMFC-L6900DWMFC-L2765DWMFC-L2700DW(ASA)DCP-T820DWPT-D800WMFC-J5335DWHL-L8260CDWHL-L6412DWDCP-L1632WMFC-L2960DWDCP-L2508DWHL-L2460DWDCP-J772DWMFC-L3755CDWMFC-T930DWPT-E550W (for US, EU)MFC-1916NWHL-L2375DWMFC-L8610CDWDCP-1617NWPT-E550W (for Tiwan, Hongkong)MFC-4340DWEDocuPrint P360 dwHL-1212WEMFC-J5930DWMFC-EX670WDCP-J4140NPT-P950NWMFC-J5800CDWDCP-L8410CDWDCP-B7600DBMFC-J815DW XLDCP-B7638DNSP 230DNwDCP-L2640DNHL-L9430CDNDCP-L2647DWTD-2350DFMFC-J2340DWDCP-J928N-WBDCP-L3560CDWHL-L3300CDWMFC-L2701DWHL-J7010CDWRJ-4250WBHL-L5215DNHL-L5102DWMFC-J7300CDWe-STUDIO302DNFHL-L6300DWTTD-2130NDCP-T435WDCP-L5650DNMFC-L6810DWPJ-773DocuPrint M375 zMFC-J2330DWMFC-1911NWMFC-L3750CDWMFC-L2760DWMFC-J4940DNPT-E550W (for Russia)PT-E800WMFC-L5710DNDCP-L1638WSP-1HL-L6310DWDocuPrint P260 dwDCP-T535DWMFC-J998DNHL-5595DNHHL-L2390DWQL-1115NWBDCP-1612WMFC-8540DNDCP-L5600DNMFC-J998DWNTD-2135NDCP-7180DNMFC-J5945DWDCP-7190DNMFC-L5702DWHL-L2371DNRJ-3150AiHL-L2365DWDocuPrint P268 dPT-E850TKW (for Tiwan)MFC-L6720DWMFC-J5955DWHL-L6250DNMFC-J1170DWMFC-J890DWMFC-L3730CDNMFC-L6902DWMFC-J5630CDWDCP-J1700DWDCP-L2531DWHL-L5050DNDCP-B7548WMFC-L9610CDNMFC-L6702DWDCP-J987N-BDCP-1618WHL-L5200DWDCP-T439WDocuPrint P268 dwHL-L5228DWMFC-9150CDNHL-L2461DNHL-L2395DWHL-L2365DWRMFC-J4540NDCP-J973N-W/BMFC-L8340CDWDCP-L2532DWRJ-2140HL-L9470CDNDCP-B7520DWMFC-J4345DW XLDCP-B7648DWHL-L3220CWEQL-810WcMFC-L3735CDNMFC-J7700CDWDCP-T825DWHL-L5100DNMFC-J898NHL-1212Wbizhub 3000MFMFC-L2750DWRDocuPrint M260 zHL-L2357DWDocuPrint P375 dwHL-B2100DBDCP-L2540DNRHL-L8360CDWTHL-L2325DWRJ-3050AiQL-1110NWBcMFC-L6820DWMFC-7890DNMFC-J1215WMFC-L5710DWMFC-L5902DWMFC-L2740DWRHL-1223WRDCP-L3555CDWDCP-T735DWMFC-J6945DWMFC-B7811DWRJ-2050HL-L6410DNMFC-L5802DWHL-B2181DWMFC-L5912DWMFC-L5715DWMFC-J2740DWMFC-J805DWMFC-L2820DWXLHL-L8230CDWMFC-L2900DWXLMFC-J6980CDWDCP-J577NHL-L6415DWTD-2320DHL-L1230WDCP-T428WMFC-J6999CDWDCP-J981NDCP-L2551DWDocuPrint M378 dSP-1 (for Japan)DCP-J582NHL-L3240CDWMFC-J3540DWDocuPrint P285 dwDocuPrint P288 dwDCP-T525WDCP-J1203NHL-L2460DNDCP-T710W(for China)DCP-J1200W(XL)MFC-J4440NHL-L6415DWTMFC-J995DWTD-4420DNZDCP-B7578DWMFC-J6930DWMFC-J904NHL-L6217DWMFC-L6800DWHL-L6202DWHL-L2460DWXLMFC-L2712DNDCP-L5602DNDCP-T725DWDocuPrint P235 dHL-2595DWHL-L2467DWHL-L2351DWMFC-L2740DWPT-E850TKW (for UAE)MFC-L2710DWRHL-5590DNMFC-J6583CDWDCP-T510WQL-1110NWBMFC-L2827DWTD-2350DSADCP-L5518DNMFC-J1800DWQL-820NWBHL-L8260CDNDCP-1612WRDocuPrint M378 dfHL-L2352DWMFC-T910DWMFC-J4443NDocuPrint P388 dwMFC-J6535DWDCP-J972NMFC-L5755DWDCP-T520WMFC-L2685DWMFC-L2730DNMFC-L2827DWXLHL-1223WERJ-3050bizhub 5020iHL-L2366DWTD-4420DNDCP-T425WDCP-J987N-WMFC-J5855DW XLMFC-J7500CDWDocuPrint M225 dwTD-2350DDCP-L2550DW(TWN)HL-L3280CDWMFC-J905NMFC-T925DWDocuPrint P275 dwMFC-L2862DWDCP-J914NMFC-L2771DWHL-L2440DWMFC-L6970DWMFC-J6995CDWMFC-L2980DWHL-L2370DWMFC-J4540DW(XL)DCP-L2535DWHL-L6210DWMFC-T4500DWMFC-L2770DWHL-L6402DWMFC-L9630CDNMFC-L5728DWDCP-L2520DWRDCP-L2551DNDCP-L2518DWHL-L2447DWMFC-J1605DNHL-1210WMFC-L2732DWDCP-L3550CDWMFC-J6957DWHL-L2420DWDCP-7189DWHL-L9410CDNDCP-L2530DWDCP-L1630WHL-L1238WMFC-L6750DWMFC-1910WEDCP-L3510CDWMFC-J995DW XLMFC-L6710DWMFC-J3930DWe-STUDIO301DNDCP-L2627DWEPT-E550W (for Vietnum)HL-L3290CDWDocuPrint M225 zDCP-L2548DWMFC-L5717DWHL-2569DWDCP-1610WRMFC-J5345DWDCP-T236HL-B2150WDCP-C1210NMFC-J5740DWMFC-L2717DWMFC-L5750DWMFC-L5900DWDCP-L2550DNMFC-L3770CDWDCP-J1800DWHL-L5210DNMFC-J6947DWHL-EX415DWHL-J6000CDWDCP-L2560DWRHL-1212WRHL-L2405WHL-L6210DWTHL-L6400DWMFC-L2751DWFAX-L2710DNDCP-L2680DWMFC-L6912DWMFC-L2720DWRHL-L5212DWDCP-J978N-W/BMFC-B7800DNMFC-L8390CDWTD-2310DDCP-L2560DWHL-B2180DWBHL-1218WMFC-7880DNHL-3190CDWMFC-1910WDocuPrint M275 zMFC-J5845DW(XL)DCP-C421WDCP-9030CDNHL-L3288CDWMFC-J5340DWMFC-J6959DWMFC-7895DWMFC-L2807DWbizhub 4020iDCP-J526NMFC-1915WHL-L2370DNHL-L1808WMFC-L8610CDW(for Japan)DCP-L2600DWHL-B2158WMFC-T935DWMFC-L9635CDNDCP-L5660DNDCP-J915NDCP-L2627DWXLDCP-T830DWDocuPrint P378 dwDCP-L2550DWMFC-L6915DN CSPMFC-L2730DWRHL-1222WEMFC-J6530DWHL-B2180DWHL-L2376DWMFC-7889DWDCP-1612WEHL-L2380DWHL-L6200DWQL-820NWBcDCP-1623WRMFC-J5340DWEbizhub 5000iMFC-J1500NDCP-L5512DNNFC-J903NHL-B2188DWbizhub 3080MFMFC-L3740CDWEDCP-J1200WEMFC-B7810DWBMFC-J5730DWMFC-J690DWHL-L2350DWMFC-L2750DWXLHL-1210WRDCP-T226MFC-L6915DNRJ-3150MFC-L5915DWHL-L6418DWDCP-L5510DWMFC-L2885DWHL-L2425DWADS-3000NTD-2350DFSAHL-L3270CDWMFC-L2730DWDCP-T710WHL-L3220CDWMFC-L2860DWDCP-T536DWDocuPrint M285 zHL-L6300DWMFC-L5800DWRJ-2150HL-L6450DWDCP-L3520CDWMFC-L2817DWDCP-J528NMFC-L2710DNDCP-L2550DNRDocuPrint P385 dwMFC-EX910DocuPrint P225 dMFC-L3740CDWDCP-L3515CDWMFC-L2820DWDCP-L1848Wbizhub 4000iMFC-L5700DNDocuPrint M288 dwDocuPrint M385 zMFC-J939DWNDCP-L5510DNHL-L6400DWTPT-P750WDCP-B7658DWDocuPrint M375 dfDCP-L2628DWM 340WMFC-L2860DWEMFC-J738DNHL-L2400DWEMFC-L2880DWDCP-L2605DWHL-L5210DWTMFC-L6950DWDCP-L2648DWDCP-J4143NMFC-L2680WHL-2590DNHL-L3220CWMFC-L3710CDWMFC-L2750DWMFC-B7720DNTD-4550DNWBMFC-T810W(for China)DCP-1610WEPT-E850TKW (for Thailand)HL-L2360DNRMFC-L2716DWPT-E550W (for Koria)HL-L6200DWTHL-L5100DNTDocuPrint P375 dDCP-L2622DWHL-L6250DWDocuPrint M115 fwHL-L5218DNMFC-L9570CDW(for Japan)HL-L2480DWMFC-L2710DWM 340FWDCP-1616NWHL-L2372DNHL-L1232WMFC-L3780CDWMFC-L2805DWMFC-L2710DNRMFC-J6935DWHL-L3228CDWDCP-L2540DWHL-L9310CDWMFC-J3940DWMFC-J6555DW XLMFC-J6580CDWHL-L8360CDWADS-3600WMFC-L8900CDWMFC-J491DWDCP-T510W(for China)MFC-J1010DWDCP-1615NWHL-B2100DMFC-L6915DWDCP-J1200NDCP-L3520CDWEHL-L2865DWMFC-L2720DNDCP-T230DCP-L2520DWMFC-L2920DWDCP-1622WEMFC-L6900DWGMFC-J895DWMFC-B7810DWMFC-L3720CDWHL-L8240CDWDCP-T430WMFC-L3760CDWHL-L2360DWMFC-L3765CDWMFC-J6997CDWFAX-L2700DNDocuPrint M115 wDCP-B7558WDCP-L2600DNFC-EX670MFC-J805DW XLDCP-B7608WPT-E850TKW (for China)DCP-7190DWMFC-L2700DNMFC-J6730DWDCP-B7640DWDCP-J774DWMFC-L2712DWMFC-1919NWDCP-L2552DNMFC-J1012DWHL-2560DNHL-L2305WHL-L2385DWMFC-L2713DWDCP-L2625DWDCP-B7530DNFAX-L2800DWMFC-L2802DNMFC-J6983CDWMFC-J739DNHL-L3230CDWMFC-J6555DWDCP-T720DWDCP-L2627DWMFC-L5718DNMFC-L5715DNDCP-J1100DWDocuPrint M235 dwHL-L6400DWGPT-E550W (for Thailand)HL-J6000DWHL-L2370DNRDCP-B7620DWBDCP-7195DWHL-L6415DNHL-L2445DWMFC-J6940DWDCP-T238HL-L3230CDNDocuPrint P265 dwHL-L5210DWDCP-B7535DWMFC-J4335DW(XL)MFC-J6740DWMFC-L9670CDNDocuPrint M118 wHL-L5215DWMFC-L2700DWRTD-4520DNMFC-1911WMFC-J926N-WBMFC-L2707DWADS-2800WMFC-EX915DWMFC-L2802DWRJ-3250WBMFC-J1300DWMFC-L2861DWDCP-1623WEMFC-T810WDCP-L2620DWMFC-L9570CDWMFC-J2730DWDCP-T225ADS-2400NDCP-7090DWMFC-J7100CDWMFC-L6700DWDCP-T730DWMFC-J1205W(XL)MFC-L3768CDWMFC-J739DWNDCP-B7628DWDCP-B7640DWBMFC-L2700DWMFC-L5700DWMFC-J6955DWMFC-L2715DWDCP-B7650DWMFC-L2703DWHL-L2340DWRDocuPrint M268 dwDCP-L3517CDWDCP-L2541DWMFC-J5855DWMFC-J497DWDocuPrint P115 wDCP-J988NMFC-J6540DWEDCP-L2540DNDCP-L2665DWPT-E850TKW (for Asia pacific, EU, US)HL-3160CDWDCP-L5662DNMFC-L9577CDWHL-L2400DWDCP-L3551CDWDocuPrint M288 zQL-810WHL-L5202DWMFC-J4340DW(XL)MFC-B7715DWDCP-T426WP 201WDCP-L5500DNSP 230SFNwMFC-J7600CDWDCP-B7600DDCP-L6600DWHL-L2340DWMFC-L2880DWXLPT-E550W (for China)MFC-J6540DWHL-JF1MFC-J5330DWPJ-883DCP-L3568CDWHL-L2375DWRDCP-L5502DNMFC-L2806DWMFC-9350CDWHL-T4000DWTD-2120NMFC-1912WRHL-L6415DN CSPPT-E850TKW (for Koria)HL-B2050DNMFC-L2705DWDCP-J587NHL-L2315DWDocuPrint M235 zTD-2320DFMFC-L6910DNMFC-L2720DWPT-P900WcDCP-J572NDCP-L2530DWRHL-5595DNHL-L5200DWTDCP-J1800NHL-L2360DNDCP-T530DWHL-J6100DWDCP-B7620DWDCP-L5652DNDCP-L5610DNHL-1211WHL-L2464DWHL-L3215CWHL-L2350DWRDCP-L2537DWMFC-L8395CDWMFC-J738DWNHL-L2465DWHL-L2475DWPT-P900WDCP-J1050DWDCP-T220DCP-J1140DWMFC-8530DNDCP-1610W
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CWE ID-CWE-93
Improper Neutralization of CRLF Sequences ('CRLF Injection')
CVE-2024-49822
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.1||MEDIUM
EPSS-0.04% / 8.65%
||
7 Day CHG+0.01%
Published-18 Mar, 2025 | 14:19
Updated-14 Aug, 2025 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM QRadar Advisor server-side request forgery

IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

Action-Not Available
Vendor-IBM Corporation
Product-qradar_advisorQRadar Advisor with Watson
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-4894
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 38.02%
||
7 Day CHG~0.00%
Published-15 May, 2024 | 02:53
Updated-01 Aug, 2024 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ITPison OMICARD EDM - Server-Side Request Forgery

ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables attackers to probe internal network information.

Action-Not Available
Vendor-ITPisonitpison
Product-OMICARD EDMomicard_edm
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-34808
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.18% / 39.83%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 03:00
Updated-17 Sep, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.

Action-Not Available
Vendor-Synology, Inc.
Product-media_serverMedia Server
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-13924
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 8.14%
||
7 Day CHG~0.00%
Published-08 Mar, 2025 | 12:21
Updated-12 Mar, 2025 | 16:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Starter Templates by FancyWP <= 2.0.0 - Unauthenticated Blind Server-Side Request Forgery

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'http_request_host_is_external' filter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Action-Not Available
Vendor-fancywpfancywp
Product-starter_templatesStarter Templates by FancyWP
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-13905
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-5.3||MEDIUM
EPSS-0.13% / 33.72%
||
7 Day CHG~0.00%
Published-27 Feb, 2025 | 04:21
Updated-12 Mar, 2025 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OneStore Sites <= 0.1.1 - Unauthenticated Blind Server-Side Request Forgery

The OneStore Sites plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.1.1 via the class-export.php file. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Action-Not Available
Vendor-sainwpsainwp
Product-onestore_sitesOneStore Sites
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-21498
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 17.09%
||
7 Day CHG~0.00%
Published-17 Feb, 2024 | 05:00
Updated-01 Aug, 2024 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

All versions of the package github.com/greenpau/caddy-security are vulnerable to Server-side Request Forgery (SSRF) via X-Forwarded-Host header manipulation. An attacker can expose sensitive information, interact with internal services, or exploit other vulnerabilities within the network by exploiting this vulnerability.

Action-Not Available
Vendor-n/aauthcrunch
Product-github.com/greenpau/caddy-securitycaddy_security
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-12529
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-5.8||MEDIUM
EPSS-0.28% / 51.36%
||
7 Day CHG~0.00%
Published-02 Mar, 2021 | 21:15
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP access check, allowing an attacker to scan for open ports.

Action-Not Available
Vendor-mbconnectlineMB connect line
Product-mymbconnect24mbconnect24mymbCONNECT24mbCONNECT24
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-52602
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5||MEDIUM
EPSS-0.10% / 28.34%
||
7 Day CHG+0.02%
Published-16 Jan, 2025 | 19:14
Updated-20 Aug, 2025 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-Side Request Forgery (SSRF) on redirects and federation in Matrix Media Repo

Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Matrix Media Repo (MMR) is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. This is fixed in MMR v1.3.8. Users are advised to upgrade. Restricting which hosts MMR is allowed to contact via (local) firewall rules or a transparent proxy and may provide a workaround for users unable to upgrade.

Action-Not Available
Vendor-t2bott2bot
Product-matrix-media-repomatrix-media-repo
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-51980
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.28%
||
7 Day CHG~0.00%
Published-25 Jun, 2025 | 07:22
Updated-26 Jun, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Server Side Request Forgery (SSRF) via WS-Addressing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service (HTTP TCP port 80) SOAP request. The attacker can not control the data sent in the SSRF connection, nor can the attacker receive any data back. This SSRF is suitable for TCP port scanning of an internal network when the Web service (HTTP TCP port 80) is exposed across a network segment.

Action-Not Available
Vendor-Brother Industries, LtdToshiba TecFUJIFILM Business InnovationKonica Minolta, Inc.Ricoh Company, Ltd.
Product-HL-L3210CWDCP-L2640DWMFC-L2690DWHL-L3295CDWTD-2320DSAMFC-L3745CDWDCP-T420WHL-J6010DWHL-EX470WHL-L8245CDWDCP-J572DWMFC-J893NMFC-J4440DWMFC-L2900DWDCP-L3528CDWMFC-L2886DWHL-L2386DWDCP-J4543NPT-E850TKW (for Vietnum)Apeos 4620 SXMFC-L8690CDWDCP-J982N-W/BHL-1210WEDocuPrint P118 wTD-2125NDocuPrint M265 zDocuPrint M115 zMFC-L5850DWDCP-T835DWHL-L5212DNMFC-T920DWDocuPrint M268 zDocuPrint M118 zMFC-J3530DWHL-L2370DWXLDocuPrint P378 dMFC-L2715DW(for Tiwan, Koria)MFC-J939DNDCP-T436WMFC-L2835DWMFC-L2922DWMFC-L2800DWDCP-L2660DWMFC-J4535DW(XL)HL-B2080DWMFC-J5830DWMFC-L6900DWMFC-L2765DWMFC-L2700DW(ASA)DCP-T820DWApeos 4620 SZPT-D800WMFC-J5335DWHL-L8260CDWHL-L6412DWDCP-L1632WApeos 4620 SDFMFC-L2960DWDCP-L2508DWHL-L2460DWDCP-J772DWMFC-L3755CDWMFC-T930DWPT-E550W (for US, EU)MFC-1916NWHL-L2375DWMFC-L8610CDWDCP-1617NWPT-E550W (for Tiwan, Hongkong)MFC-4340DWEDocuPrint P360 dwHL-1212WEMFC-J5930DWMFC-EX670WDCP-J4140NPT-P950NWMFC-J5800CDWDCP-L8410CDWDCP-B7600DBMFC-J815DW XLDCP-B7638DNSP 230DNwDCP-L2640DNHL-L9430CDNDCP-L2647DWTD-2350DFMFC-J2340DWDCP-J928N-WBDCP-L3560CDWHL-L3300CDWMFC-L2701DWHL-J7010CDWRJ-4250WBHL-L5215DNHL-L5102DWMFC-J7300CDWe-STUDIO302DNFHL-L6300DWTTD-2130NDCP-T435WDCP-L5650DNMFC-L6810DWPJ-773DocuPrint M375 zMFC-J2330DWMFC-1911NWMFC-L3750CDWMFC-L2760DWMFC-J4940DNPT-E550W (for Russia)PT-E800WMFC-L5710DNDCP-L1638WSP-1HL-L6310DWDocuPrint P260 dwDCP-T535DWMFC-J998DNHL-5595DNHHL-L2390DWQL-1115NWBDCP-1612WMFC-8540DNDCP-L5600DNMFC-J998DWNTD-2135NDCP-7180DNMFC-J5945DWDCP-7190DNMFC-L5702DWHL-L2371DNRJ-3150AiHL-L2365DWDocuPrint P268 dPT-E850TKW (for Tiwan)MFC-L6720DWMFC-J5955DWHL-L6250DNMFC-J1170DWMFC-J890DWMFC-L3730CDNMFC-L6902DWMFC-J5630CDWDCP-J1700DWDCP-L2531DWHL-L5050DNDCP-B7548WMFC-L9610CDNMFC-L6702DWDCP-J987N-BDCP-1618WHL-L5200DWDCP-T439WDocuPrint P268 dwHL-L5228DWMFC-9150CDNHL-L2461DNHL-L2395DWHL-L2365DWRMFC-J4540NDCP-J973N-W/BMFC-L8340CDWDCP-L2532DWRJ-2140HL-L9470CDNDCP-B7520DWMFC-J4345DW XLDCP-B7648DWHL-L3220CWEQL-810WcMFC-L3735CDNMFC-J7700CDWDCP-T825DWHL-L5100DNMFC-J898NHL-1212Wbizhub 3000MFMFC-L2750DWRDocuPrint M260 zHL-L2357DWDocuPrint P375 dwHL-B2100DBDCP-L2540DNRHL-L8360CDWTHL-L2325DWRJ-3050AiQL-1110NWBcMFC-L6820DWMFC-7890DNMFC-J1215WMFC-L5710DWMFC-L5902DWMFC-L2740DWRHL-1223WRDCP-L3555CDWDCP-T735DWMFC-J6945DWMFC-B7811DWRJ-2050HL-L6410DNMFC-L5802DWHL-B2181DWMFC-L5912DWMFC-L5715DWMFC-J2740DWMFC-J805DWMFC-L2820DWXLHL-L8230CDWMFC-L2900DWXLMFC-J6980CDWDCP-J577NHL-L6415DWTD-2320DHL-L1230WDCP-T428WMFC-J6999CDWDCP-J981NDCP-L2551DWDocuPrint M378 dSP-1 (for Japan)DCP-J582NHL-L3240CDWMFC-J3540DWDocuPrint P285 dwDocuPrint P288 dwDCP-T525WDCP-J1203NHL-L2460DNDCP-T710W(for China)DCP-J1200W(XL)MFC-J4440NHL-L6415DWTMFC-J995DWTD-4420DNZDCP-B7578DWMFC-J6930DWMFC-J904NHL-L6217DWMFC-L6800DWHL-L6202DWHL-L2460DWXLMFC-L2712DNDCP-L5602DNDCP-T725DWDocuPrint P235 dHL-2595DWHL-L2467DWHL-L2351DWMFC-L2740DWPT-E850TKW (for UAE)MFC-L2710DWRHL-5590DNMFC-J6583CDWDCP-T510WQL-1110NWBMFC-L2827DWTD-2350DSADCP-L5518DNMFC-J1800DWQL-820NWBHL-L8260CDNDCP-1612WRDocuPrint M378 dfHL-L2352DWMFC-T910DWMFC-J4443NDocuPrint P388 dwMFC-J6535DWDCP-J972NMFC-L5755DWDCP-T520WMFC-L2685DWMFC-L2730DNMFC-L2827DWXLHL-1223WERJ-3050bizhub 5020iHL-L2366DWTD-4420DNDCP-T425WDCP-J987N-WMFC-J5855DW XLMFC-J7500CDWDocuPrint M225 dwTD-2350DDCP-L2550DW(TWN)HL-L3280CDWMFC-J905NMFC-T925DWDocuPrint P275 dwMFC-L2862DWDCP-J914NMFC-L2771DWHL-L2440DWMFC-L6970DWMFC-J6995CDWMFC-L2980DWHL-L2370DWMFC-J4540DW(XL)DCP-L2535DWHL-L6210DWMFC-T4500DWMFC-L2770DWHL-L6402DWMFC-L9630CDNMFC-L5728DWDCP-L2520DWRDCP-L2551DNDCP-L2518DWHL-L2447DWMFC-J1605DNHL-1210WMFC-L2732DWDCP-L3550CDWMFC-J6957DWHL-L2420DWDCP-7189DWHL-L9410CDNDCP-L2530DWDCP-L1630WHL-L1238WMFC-L6750DWMFC-1910WEDCP-L3510CDWMFC-J995DW XLMFC-L6710DWMFC-J3930DWe-STUDIO301DNDCP-L2627DWEPT-E550W (for Vietnum)HL-L3290CDWDocuPrint M225 zDCP-L2548DWMFC-L5717DWHL-2569DWDCP-1610WRMFC-J5345DWDCP-T236HL-B2150WDCP-C1210NMFC-J5740DWMFC-L2717DWMFC-L5750DWMFC-L5900DWDCP-L2550DNMFC-L3770CDWDCP-J1800DWHL-L5210DNMFC-J6947DWHL-EX415DWHL-J6000CDWDCP-L2560DWRHL-1212WRHL-L2405WHL-L6210DWTHL-L6400DWMFC-L2751DWFAX-L2710DNDCP-L2680DWMFC-L6912DWMFC-L2720DWRHL-L5212DWDCP-J978N-W/BMFC-B7800DNMFC-L8390CDWTD-2310DDCP-L2560DWHL-B2180DWBHL-1218WMFC-7880DNHL-3190CDWMFC-1910WDocuPrint M275 zMFC-J5845DW(XL)DCP-C421WDCP-9030CDNHL-L3288CDWMFC-J5340DWMFC-J6959DWMFC-7895DWApeosPrint 4620 SDWMFC-L2807DWbizhub 4020iDCP-J526NMFC-1915WHL-L2370DNHL-L1808WMFC-L8610CDW(for Japan)DCP-L2600DWHL-B2158WMFC-T935DWMFC-L9635CDNDCP-L5660DNDCP-J915NDCP-L2627DWXLDCP-T830DWDocuPrint P378 dwDCP-L2550DWMFC-L6915DN CSPMFC-L2730DWRHL-1222WEMFC-J6530DWHL-B2180DWHL-L2376DWMFC-7889DWDCP-1612WEHL-L2380DWHL-L6200DWQL-820NWBcDCP-1623WRMFC-J5340DWEbizhub 5000iMFC-J1500NDCP-L5512DNNFC-J903NHL-B2188DWbizhub 3080MFMFC-L3740CDWEDCP-J1200WEMFC-B7810DWBMFC-J5730DWMFC-J690DWHL-L2350DWMFC-L2750DWXLHL-1210WRDCP-T226MFC-L6915DNRJ-3150MFC-L5915DWHL-L6418DWDCP-L5510DWMFC-L2885DWHL-L2425DWADS-3000NTD-2350DFSAHL-L3270CDWMFC-L2730DWDCP-T710WHL-L3220CDWMFC-L2860DWDCP-T536DWDocuPrint M285 zHL-L6300DWMFC-L5800DWRJ-2150HL-L6450DWDCP-L3520CDWMFC-L2817DWDCP-J528NMFC-L2710DNDCP-L2550DNRDocuPrint P385 dwMFC-EX910DocuPrint P225 dMFC-L3740CDWDCP-L3515CDWMFC-L2820DWDCP-L1848Wbizhub 4000iMFC-L5700DNDocuPrint M288 dwDocuPrint M385 zMFC-J939DWNDCP-L5510DNHL-L6400DWTPT-P750WDCP-B7658DWDocuPrint M375 dfDCP-L2628DWM 340WMFC-L2860DWEMFC-J738DNHL-L2400DWEMFC-L2880DWDCP-L2605DWHL-L5210DWTMFC-L6950DWDCP-L2648DWDCP-J4143NMFC-L2680WHL-2590DNHL-L3220CWMFC-L3710CDWMFC-L2750DWMFC-B7720DNTD-4550DNWBMFC-T810W(for China)DCP-1610WEPT-E850TKW (for Thailand)HL-L2360DNRMFC-L2716DWPT-E550W (for Koria)HL-L6200DWTHL-L5100DNTDocuPrint P375 dDCP-L2622DWHL-L6250DWDocuPrint M115 fwHL-L5218DNMFC-L9570CDW(for Japan)HL-L2480DWMFC-L2710DWM 340FWDCP-1616NWHL-L2372DNHL-L1232WMFC-L3780CDWMFC-L2805DWMFC-L2710DNRMFC-J6935DWHL-L3228CDWDCP-L2540DWHL-L9310CDWMFC-J3940DWMFC-J6555DW XLMFC-J6580CDWHL-L8360CDWADS-3600WMFC-L8900CDWMFC-J491DWDCP-T510W(for China)MFC-J1010DWDCP-1615NWHL-B2100DMFC-L6915DWDCP-J1200NDCP-L3520CDWEHL-L2865DWMFC-L2720DNDCP-T230DCP-L2520DWMFC-L2920DWDCP-1622WEMFC-L6900DWGMFC-J895DWMFC-B7810DWMFC-L3720CDWHL-L8240CDWDCP-T430WMFC-L3760CDWHL-L2360DWMFC-L3765CDWMFC-J6997CDWFAX-L2700DNDocuPrint M115 wDCP-B7558WDCP-L2600DNFC-EX670MFC-J805DW XLDCP-B7608WPT-E850TKW (for China)DCP-7190DWMFC-L2700DNMFC-J6730DWDCP-B7640DWDCP-J774DWMFC-L2712DWMFC-1919NWDCP-L2552DNMFC-J1012DWHL-2560DNHL-L2305WHL-L2385DWMFC-L2713DWDCP-L2625DWDCP-B7530DNFAX-L2800DWMFC-L2802DNMFC-J6983CDWMFC-J739DNHL-L3230CDWMFC-J6555DWDCP-T720DWDCP-L2627DWMFC-L5718DNMFC-L5715DNDCP-J1100DWDocuPrint M235 dwHL-L6400DWGApeosPrint 4620 SDN (For Asia-Pacific)PT-E550W (for Thailand)HL-J6000DWHL-L2370DNRDCP-B7620DWBDCP-7195DWHL-L6415DNHL-L2445DWMFC-J6940DWDCP-T238HL-L3230CDNDocuPrint P265 dwHL-L5210DWDCP-B7535DWMFC-J4335DW(XL)MFC-J6740DWMFC-L9670CDNDocuPrint M118 wHL-L5215DWMFC-L2700DWRTD-4520DNMFC-1911WMFC-J926N-WBMFC-L2707DWADS-2800WMFC-EX915DWMFC-L2802DWRJ-3250WBMFC-J1300DWMFC-L2861DWDCP-1623WEMFC-T810WDCP-L2620DWMFC-L9570CDWMFC-J2730DWDCP-T225ADS-2400NDCP-7090DWMFC-J7100CDWMFC-L6700DWDCP-T730DWMFC-J1205W(XL)MFC-L3768CDWMFC-J739DWNDCP-B7628DWDCP-B7640DWBMFC-L2700DWMFC-L5700DWMFC-J6955DWMFC-L2715DWDCP-B7650DWMFC-L2703DWHL-L2340DWRDocuPrint M268 dwDCP-L3517CDWDCP-L2541DWMFC-J5855DWMFC-J497DWDocuPrint P115 wDCP-J988NMFC-J6540DWEDCP-L2540DNDCP-L2665DWPT-E850TKW (for Asia pacific, EU, US)HL-3160CDWDCP-L5662DNMFC-L9577CDWHL-L2400DWDCP-L3551CDWDocuPrint M288 zQL-810WHL-L5202DWMFC-J4340DW(XL)MFC-B7715DWDCP-T426WP 201WDCP-L5500DNSP 230SFNwMFC-J7600CDWDCP-B7600DDCP-L6600DWHL-L2340DWMFC-L2880DWXLPT-E550W (for China)ApeosPrint 4620 SDN (For China)MFC-J6540DWHL-JF1MFC-J5330DWPJ-883DCP-L3568CDWHL-L2375DWRDCP-L5502DNMFC-L2806DWMFC-9350CDWHL-T4000DWTD-2120NMFC-1912WRHL-L6415DN CSPPT-E850TKW (for Koria)HL-B2050DNMFC-L2705DWDCP-J587NHL-L2315DWDocuPrint M235 zTD-2320DFMFC-L6910DNMFC-L2720DWPT-P900WcDCP-J572NDCP-L2530DWRHL-5595DNHL-L5200DWTDCP-J1800NHL-L2360DNDCP-T530DWHL-J6100DWDCP-B7620DWDCP-L5652DNDCP-L5610DNHL-1211WHL-L2464DWHL-L3215CWHL-L2350DWRDCP-L2537DWMFC-L8395CDWMFC-J738DWNHL-L2465DWHL-L2475DWPT-P900WDCP-J1050DWDCP-T220DCP-J1140DWMFC-8530DNDCP-1610W
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-45027
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.08% / 23.65%
||
7 Day CHG~0.00%
Published-01 Jan, 2023 | 00:00
Updated-11 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.

Action-Not Available
Vendor-perfsonarn/a
Product-perfsonarn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2019-4262
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 38.48%
||
7 Day CHG~0.00%
Published-26 Sep, 2019 | 15:05
Updated-16 Sep, 2024 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the QRadar system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 160014.

Action-Not Available
Vendor-IBM Corporation
Product-qradar_security_information_and_event_managerQRadar SIEM
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2019-4741
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.32% / 54.30%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 16:10
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 172815.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-aixwindowscontent_navigatorlinux_kernelContent Navigator
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-38648
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.32%
||
7 Day CHG-0.02%
Published-22 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 11:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PDFTranscoder does not block external resources

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-batikdebian_linuxApache XML Graphics
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-39276
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-3.5||LOW
EPSS-0.11% / 30.12%
||
7 Day CHG~0.00%
Published-03 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote script returns a redirect response, the redirect target URL is not checked against the URL allow list defined by administrator. This issue has been patched, please upgrade to 10.0.4. There are currently no known workarounds.

Action-Not Available
Vendor-GLPI Project
Product-glpiglpi
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-37313
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.37% / 57.98%
||
7 Day CHG~0.00%
Published-26 Dec, 2022 | 00:00
Updated-14 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA record.

Action-Not Available
Vendor-n/aOpen-Xchange AG
Product-open-xchange_appsuiten/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2019-20408
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-5.3||MEDIUM
EPSS-0.30% / 53.16%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 01:35
Updated-16 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.

Action-Not Available
Vendor-Atlassian
Product-jiraJira Server
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-5122
Matching Score-4
Assigner-Grafana Labs
ShareView Details
Matching Score-4
Assigner-Grafana Labs
CVSS Score-5||MEDIUM
EPSS-0.19% / 41.66%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 15:06
Updated-13 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SSRF in CSV Datasource Plugin

Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests to a bare host with no path (e.g. https://www.example.com/ https://www.example.com/` ), requests to an endpoint other than the one configured by the administrator could be triggered by a specially crafted request from any user, resulting in an SSRF vector. AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator

Action-Not Available
Vendor-Grafana Labs
Product-grafanagrafana-csv-datasource
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-50266
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 25.84%
||
7 Day CHG~0.00%
Published-15 Dec, 2023 | 20:42
Updated-02 Aug, 2024 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bazarr Blind Server-Side Request Forgery (SSRF) in the /test/<protocol>/ endpoint

Bazarr manages and downloads subtitles. In version 1.2.4, the proxy method in bazarr/bazarr/app/ui.py does not validate the user-controlled protocol and url variables and passes them to requests.get() without any sanitization, which leads to a blind server-side request forgery (SSRF). This issue allows for crafting GET requests to internal and external resources on behalf of the server. 1.3.1 contains a partial fix, which limits the vulnerability to HTTP/HTTPS protocols.

Action-Not Available
Vendor-bazarrmorpheus65535
Product-bazarrbazarr
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2019-15021
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.21% / 42.85%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 20:20
Updated-05 Aug, 2024 | 00:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security vulnerability exists in the Zingbox Inspector versions 1.294 and earlier, that can allow an attacker to easily identify instances of Zingbox Inspectors in a local area network.

Action-Not Available
Vendor-zingboxn/a
Product-inspectorPalo Alto Networks Zingbox Inspector
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2019-12996
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 42.58%
||
7 Day CHG~0.00%
Published-10 Sep, 2019 | 18:43
Updated-04 Aug, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Mendix 7.23.5 and earlier, issue in XML import mappings allow DOCTYPE declarations in the XML input that is potentially unsafe.

Action-Not Available
Vendor-mendixn/a
Product-mendixn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-29188
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 46.21%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 23:50
Updated-23 Apr, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Smokescreen SSRF via deny list bypass (square brackets) in Smokescreen

Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by surrounding the hostname with square brackets (e.g. `[example.com]`). This only impacted the HTTP proxy functionality of Smokescreen. HTTPS requests were not impacted. Smokescreen version 0.0.4 contains a patch for this issue.

Action-Not Available
Vendor-stripestripe
Product-smokescreensmokescreen
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-41339
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.13% / 33.72%
||
7 Day CHG~0.00%
Published-24 Oct, 2023 | 20:15
Updated-11 Sep, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF in GeoServer

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The WMS specification defines an ``sld=<url>`` parameter for GetMap, GetLegendGraphic and GetFeatureInfo operations for user supplied "dynamic styling". Enabling the use of dynamic styles, without also configuring URL checks, provides the opportunity for Service Side Request Forgery. This vulnerability can be used to steal user NetNTLMv2 hashes which could be relayed or cracked externally to gain further access. This vulnerability has been patched in versions 2.22.5 and 2.23.2.

Action-Not Available
Vendor-osgeogeoservergeoserver
Product-geoservergeoservergeoserver
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-41763
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.3||MEDIUM
EPSS-14.59% / 94.21%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:07
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Skype for Business Elevation of Privilege Vulnerability

Skype for Business Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-skype_for_business_serverSkype for Business Server 2015 CU13Skype for Business Server 2019 CU7Skype for Business
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-35561
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.21% / 78.17%
||
7 Day CHG~0.00%
Published-16 Feb, 2021 | 15:49
Updated-16 Sep, 2024 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SSRF in variuos products of MB connect line and Helmholz

An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. There is an SSRF in the HA module allowing an unauthenticated attacker to scan for open ports.

Action-Not Available
Vendor-helmholzmbconnectlinen/a
Product-myrex24.virtualmymbconnect24myrex24mbconnect24n/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-28977
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-9.16% / 92.36%
||
7 Day CHG~0.00%
Published-30 Nov, 2020 | 13:19
Updated-04 Aug, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an unauthenticated attacker can make a request to any internal and external server via /includes/lib/get.php?subdomain=SSRF.

Action-Not Available
Vendor-canton/a
Product-canton/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-0584
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 4.12%
||
7 Day CHG~0.00%
Published-20 Jan, 2025 | 02:06
Updated-21 Jan, 2025 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
aEnrich Technology a+HRD - Server-Side Request Forgery (SSRF)

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network.

Action-Not Available
Vendor-Yukai Digital Technology (aEnrich)
Product-a+HRD
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-23654
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.1||MEDIUM
EPSS-0.13% / 32.73%
||
7 Day CHG~0.00%
Published-21 Feb, 2024 | 20:28
Updated-22 Apr, 2025 | 16:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
discourse-ai admin-initiated SSRF when interacting with AI services

discourse-ai is the AI plugin for the open-source discussion platform Discourse. Prior to commit 94ba0dadc2cf38e8f81c3936974c167219878edd, interactions with different AI services are vulnerable to admin-initiated SSRF attacks. Versions of the plugin that include commit 94ba0dadc2cf38e8f81c3936974c167219878edd contain a patch. As a workaround, one may disable the discourse-ai plugin.

Action-Not Available
Vendor-Civilized Discourse Construction Kit, Inc.
Product-aidiscourse-ai
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-22648
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 34.09%
||
7 Day CHG~0.00%
Published-30 Jan, 2024 | 00:00
Updated-20 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment.

Action-Not Available
Vendor-seopaneln/a
Product-seo_paneln/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-6538
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 35.62%
||
7 Day CHG~0.00%
Published-25 Nov, 2024 | 06:15
Updated-31 Jul, 2025 | 02:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Openshift-console: openshift console: server-side request forgery

A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to clients due to network filtering. Leveraging such an attack vector, the attacker can have an impact on other services and potentially disclose information or have other nefarious effects on the system. The /api/dev-console/proxy/internet endpoint on the OpenShift Console allows authenticated users to have the console's pod perform arbitrary and fully controlled HTTP(s) requests. The full response to these requests is returned by the endpoint. While the name of this endpoint suggests the requests are only bound to the internet, no such checks are in place. An authenticated user can therefore ask the console to perform arbitrary HTTP requests from outside the cluster to a service inside the cluster.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat OpenShift Container Platform 4.16Red Hat OpenShift Container Platform 4.17Red Hat OpenShift Container Platform 4.18
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-39055
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.54%
||
7 Day CHG~0.00%
Published-18 Oct, 2022 | 05:40
Updated-09 May, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF)

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.

Action-Not Available
Vendor-changingtecChanging Information Technology Inc.
Product-rava_certificate_validation_systemRAVA certificate validation system
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-38398
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.11% / 30.32%
||
7 Day CHG-0.02%
Published-22 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 10:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-Side Request Forgery Information Disclosure Vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-batikdebian_linuxApache XML Graphics
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-39211
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-3||LOW
EPSS-0.10% / 29.04%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 23:10
Updated-23 Apr, 2025 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-Side Request Forgery (SSRF) via potential filter bypass in Nextcloud Server

Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud Enterprise Server is upgraded to 22.2.10.4, 23.0.8 or 24.0.4. There are no known workarounds for this issue.

Action-Not Available
Vendor-Nextcloud GmbH
Product-nextcloud_enterprise_servernextcloud_serversecurity-advisories
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-0870
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-5||MEDIUM
EPSS-5.47% / 89.81%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 10:40
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Server-Side Request Forgery (SSRF) in gogs/gogs

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.

Action-Not Available
Vendor-gogsgogs
Product-gogsgogs/gogs
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-4201
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-3.5||LOW
EPSS-0.09% / 26.65%
||
7 Day CHG~0.00%
Published-27 Jan, 2023 | 00:00
Updated-27 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner.

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-32457
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-5.3||MEDIUM
EPSS-0.56% / 67.17%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 02:01
Updated-16 Sep, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Data Systems Consulting Co., Ltd. BPM - Blind Server-Side Request Forgery (SSRF)

Digiwin BPM has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform Blind SSRF attack to discover internal network topology base on URL error response.

Action-Not Available
Vendor-digiwinData Systems Consulting Co., Ltd.
Product-business_process_managementBPM
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-36203
Matching Score-4
Assigner-Johnson Controls
ShareView Details
Matching Score-4
Assigner-Johnson Controls
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 37.34%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 14:44
Updated-17 Sep, 2024 | 02:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Johnson Controls Metasys SCT Pro

The affected product may allow an attacker to identify and forge requests to internal systems by way of a specially crafted request.

Action-Not Available
Vendor-johnsoncontrolsJohnnson Controls
Product-metasys_system_configuration_toolMetasys System Configuration Tool (SCT)Metasys System Configuration Tool Pro (SCT Pro)
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-24548
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.21% / 44.04%
||
7 Day CHG~0.00%
Published-26 Aug, 2020 | 18:28
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports.

Action-Not Available
Vendor-ericomn/a
Product-access_servern/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-28060
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.28% / 50.62%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 16:11
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote attacker to forge GET requests to arbitrary URLs via the url parameter to group/api/upload.php.

Action-Not Available
Vendor-group-officen/a
Product-group_officen/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-1220
Matching Score-4
Assigner-PHP Group
ShareView Details
Matching Score-4
Assigner-PHP Group
CVSS Score-3.7||LOW
EPSS-0.07% / 21.23%
||
7 Day CHG+0.01%
Published-13 Jul, 2025 | 22:18
Updated-22 Jul, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null byte termination in hostnames

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thus opening way to security problems if the user code implements access checks before access using such functions.

Action-Not Available
Vendor-The PHP Group
Product-phpPHP
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-25236
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 61.12%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 19:36
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a specific sweep.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-windowsworry-free_business_securityofficescanTrend Micro OfficeScanTrend Micro Worry-Free Business Security
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-22969
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-5.3||MEDIUM
EPSS-0.27% / 50.01%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 18:08
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Concrete CMS (formerly concrete5) versions below 8.5.7 has a SSRF mitigation bypass using DNS Rebind attack giving an attacker the ability to fetch cloud IAAS (ex AWS) IAM keys.To fix this Concrete CMS no longer allows downloads from the local network and specifies the validated IP when downloading rather than relying on DNS.Discoverer: Adrian Tiron from FORTBRIDGE ( https://www.fortbridge.co.uk/ )The Concrete CMS team gave this a CVSS 3.1 score of 3.5 AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N . Please note that Cloud IAAS provider mis-configurations are not Concrete CMS vulnerabilities. A mitigation for this vulnerability is to make sure that the IMDS configurations are according to a cloud provider's best practices.This fix is also in Concrete version 9.0.0

Action-Not Available
Vendor-concretecmsn/a
Product-concrete_cmshttps://github.com/concrete5/concrete5
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found