← Back

CVE-2024-51980

nvd nist
Published: Jun 25, 2025Modified: Jun 26, 2025

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: cve@rapid7.com (Secondary)

Description

An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service (HTTP TCP port 80) SOAP request. The attacker can not control the data sent in the SSRF connection, nor can the attacker receive any data back. This SSRF is suitable for TCP port scanning of an internal network when the Web service (HTTP TCP port 80) is exposed across a network segment.

Related CWEs

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (11)

Source: cve@rapid7.com
Source: cve@rapid7.com
Source: cve@rapid7.com
Source: cve@rapid7.com
Source: cve@rapid7.com
Source: cve@rapid7.com
Source: cve@rapid7.com
Source: cve@rapid7.com
Source: cve@rapid7.com
Source: cve@rapid7.com
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Timeline

No history available yet.