3 matches found
CVE-2025-44043
Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery SSRF in /KeyotiSearchEngineWebCommon/SearchService.svc/GetResults and /KeyotiSearchEngineWebCommon/SearchService.svc/GetLocationAndContentCategories. An attacker can specify their own SMB server as the indexDirectory...
CVE-2025-44043
Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery SSRF in /KeyotiSearchEngineWebCommon/SearchService.svc/GetResults and /KeyotiSearchEngineWebCommon/SearchService.svc/GetLocationAndContentCategories. An attacker can specify their own SMB server as the indexDirectory...
CVE-2025-44043
Keyoti SearchUnit (prior to 9.0.0) is affected by two CVEs: CVE-2025-44043 (SSRF) in /SearchService.svc/GetResults and /GetLocationAndContentCategories, where an attacker can specify an SMB server as indexDirectory to cause the server to read/write configuration and log files on the attacker’s ho...