icon

We found results for “

CVE-2022-23071

Date: June 19, 2022

Overview

In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information.

Details

In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” functionality. When an attacker enters the localhost URL, a low privileged attacker can access/read the internal file system to access sensitive information.

PoC Details

Access the application through a browser and login as a user. Then, navigate to “import recipes” by clicking on the import button on the dashboard.For POC purpose, make sure your system is listening on a certain port. Select the manual option and enter the localhost URL- <loopback_address>:<open_port>. Proceed with the request. Now under the Discovered Attribute click on “Html”. You will be able to see the list of files.

Affected Environments

0.9.1 through 1.2.5

Prevention

Update version to 1.2.6 or higher

Language: Python

Good to know:

icon

Server-Side Request Forgery (SSRF)

CWE-918
icon

Upgrade Version

Upgrade to version 1.2.6

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): None
Availability (A): None
Base Score:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): Single
Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Additional information: