7 matches found
CVE-2025-27600 FastGPT SSRF
FastGPT is a knowledge-based platform built on LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intrane...
Cockpit Cross-Site Request Forgery Vulnerability
Cockpit is an open source CMS (Content Management System) for managing structured content. A server-side request forgery vulnerability exists in the /assets/lib/fuc.js.php file in Cockpit versions 0.4.4 through 0.5.5. A remote attacker can exploit this vulnerability to read arbitrary files or send...
Digital Guardian Management Console Server-Side Cross-Site Request Forgery Vulnerability
Digital Guardian Management Console is a suite of data protection software from Digital Guardian, Inc. in the United States. The software is capable of providing software that locates enterprise networks, servers, databases, and clouds to stop malicious behavior by users or malware on endpoints. ...
CVE-2018-10174
Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. This can occur even if the logged-in user has a read-only role...
PT-2018-5687 · Red Hat · Cockpit
Name of the Vulnerable Software and Affected Versions: Cockpit version 0.13.0. Description: The issue allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts. This is related to the use of the discontinued aheinze/fetch_url_contents component, specifically via the url...
CVE-2016-3647
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request...
CVE-2006-6264
Teredo creates trusted peer entries for arbitrary incoming source Teredo addresses, even if the low 32 bits represent an intranet address, which might allow remote attackers to send IPv4 traffic to intranet hosts that use non-RFC1918 addresses, bypassing IPv4 ingress filtering...