Description

A reverse proxy uses the values of an HTTP request to route the request. Due to the proxy's insecure configuration, it leads to SSRF vulnerability. SSRF as in Server Side Request Forgery is a vulnerability that allows an attacker to force a server into sending requests to arbitrary hosts, including cloud metadata endpoints.

Remediation

Restrict the reverse proxy to route to arbitrary hosts

References

What is Server Side Request Forgery (SSRF)?

Trust No One: The Perils of Trusting User Input

Related Vulnerabilities

Ektron CMS unauthenticated code execution and Local File Read

WordPress Plugin Eshop Magic Arbitrary File Disclosure (0.1)

WordPress Plugin Clone Information Disclosure (2.4.2)

imgproxy SSRF (CVE-2023-30019)

WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)

Severity

High

Classification

CWE-918 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

SSRF Information Disclosure