CWE-918

2,643 CVEs • Abstraction: Base

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,643)

Each entry lists vendor, product, last-updated date, publication date, CVSS scores (v4 / v3 / v2) and the CVE description.

Vendor: Teltonika Networks
Product: Trb245 Firmware
Updated: Nov 21, 2024 · Published: Oct 1, 2020
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
Server-Side Request Forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a low privileged user to cause the application to perform HTTP GET requests to arbitrary URLs.

Vendor: Mbconnectline
Products: Mbconnect24, Mymbconnect24
Updated: Nov 21, 2024 · Published: Sep 30, 2020
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.3 MEDIUM
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a CSRF issue (with resultant SSRF) in the com_mb24proxy module, allowing attackers to steal session information from logged-in users with a crafted link.

Vendor: Zohocorp
Product: Manageengine Application Control Plus
Updated: May 30, 2025 · Published: Sep 30, 2020
CVSS: v4 N/A · v3 4.3 MEDIUM · v2 4.0 MEDIUM
An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail gateway configuration feature allows an attacker to perform a scan in order to discover open ports on a machine as well as available machines on the network segment on which the instance of the product is deployed.

Vendor: Ozeki
Product: Ozeki Ng Sms Gateway
Updated: Nov 21, 2024 · Published: Sep 22, 2020
CVSS: v4 N/A · v3 4.9 MEDIUM · v2 4.0 MEDIUM
Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.

Vendor: Acronis
Product: Cyber Backup
Updated: Nov 21, 2024 · Published: Sep 21, 2020
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 6.4 MEDIUM
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct SSRF attacks against otherwise unreachable Acronis services that are bound to localhost such as the NotificationService on 127.0.0.1:30572.

Vendor: Gradle
Product: Enterprise
Updated: Nov 21, 2024 · Published: Sep 18, 2020
CVSS: v4 N/A · v3 4.9 MEDIUM · v2 4.0 MEDIUM
An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. When configuring Gradle Enterprise to integrate with a SAML identity provider, an XML metadata file can be uploaded by an administrator. The server side processing of this file dereferences XML External Entities (XXE), allowing a remote attacker with administrative access to perform server side request forgery.

Vendor: Gitlab
Product: Gitlab
Updated: Nov 21, 2024 · Published: Sep 14, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature.

Vendor: Ibm
Product: Infosphere Metadata Asset Manager
Updated: Nov 21, 2024 · Published: Sep 4, 2020
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to submit or control server requests. IBM X-Force ID: 185416.

Vendor: Open Xchange
Product: Open Xchange Appsuite
Updated: Nov 21, 2024 · Published: Aug 31, 2020
CVSS: v4 N/A · v3 5.0 MEDIUM · v2 4.0 MEDIUM
OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API.

Vendor: Stiltsoft
Product: Table Filter And Charts For Confluence Server
Updated: Nov 21, 2024 · Published: Aug 29, 2020
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
The Table Filter and Charts for Confluence Server app before 5.3.26 (for Atlassian Confluence) allows SSRF via the "Table from CSV" macro (URL parameter).

Vendor: Spinnaker
Product: Orca
Updated: Nov 21, 2024 · Published: Aug 28, 2020
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker, potentially leading to sensitive data disclosure.

Vendor: Ericom
Product: Access Server
Updated: Nov 21, 2024 · Published: Aug 26, 2020
CVSS: v4 N/A · v3 5.3 MEDIUM · v2 5.0 MEDIUM
Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports.

Vendor: Cellopoint
Product: Cellos
Updated: May 8, 2025 · Published: Aug 25, 2020
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
Cellopoint CelloOS v4.1.10 Build 20190922 does not validate the URL input properly. With the cookie of an authenticated user, attackers can tamper with the URL parameter and access arbitrary files on the system.

Vendor: Codiad
Product: Codiad
Updated: Nov 21, 2024 · Published: Aug 24, 2020
CVSS: v4 N/A · v3 7.2 HIGH · v2 6.5 MEDIUM
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This could potentially result in remote code execution. NOTE: the vendor states "Codiad is no longer under active maintenance by core contributors."

Vendor: Instructure
Product: Canvas Learning Management Service
Updated: Nov 21, 2024 · Published: Aug 21, 2020
CVSS: v4 N/A · v3 5.8 MEDIUM · v2 5.0 MEDIUM
Server-Side Request Forgery in Canvas LMS 2020-07-29 allows a remote, unauthenticated attacker to cause the Canvas application to perform HTTP GET requests to arbitrary domains.

Vendor: Ftp Srv Project
Product: Ftp Srv
Updated: Nov 21, 2024 · Published: Aug 17, 2020
CVSS: v4 N/A · v3 9.1 CRITICAL · v2 5.0 MEDIUM
ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 is vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be used to cause the server to make a connection elsewhere. A possible workaround is blocking the PORT command through the configuration. This issue is fixed in versions 2.19.6, 3.1.2, and 4.3.4. More information can be found on the linked advisory.

Vendor: Phpbb
Product: Phpbb
Updated: Nov 21, 2024 · Published: Aug 17, 2020
CVSS: v4 N/A · v3 5.8 MEDIUM · v2 5.0 MEDIUM
A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed the remote image dimensions check to be used for SSRF.

Vendor: Gitlab
Product: Gitlab
Updated: Nov 21, 2024 · Published: Aug 13, 2020
CVSS: v4 N/A · v3 4.3 MEDIUM · v2 4.0 MEDIUM
For GitLab before 13.0.12, 13.1.6, 13.2.3, user-controlled git configuration settings can be modified to result in Server Side Request Forgery.

Vendor: Redhat
Product: Cloudforms Management Engine
Updated: Nov 21, 2024 · Published: Aug 11, 2020
CVSS: v4 N/A · v3 7.1 HIGH · v2 5.5 MEDIUM
Red Hat CloudForms 4.7 and 5 was vulnerable to a Server-Side Request Forgery (SSRF) flaw. With access to add an Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.

Vendor: Gitlab
Product: Runner
Updated: Nov 21, 2024 · Published: Aug 10, 2020
CVSS: v4 N/A · v3 8.8 HIGH · v2 6.5 MEDIUM
For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.