List:       oss-security
Subject:    [oss-security] CVE-2023-25753: Server-Side Request Forgery in Apache ShenYu
From:       Zhang Yonglun <zhangyonglun () apache ! org>
Date:       2023-10-19 4:31:59
Message-ID: CA+ZBtZ4o+6JaQvuZB=oL6c3U7MG9Lfnu-d9CjFP3jxN37OZQLw () mail ! gmail ! com

Severity: low

Affected versions:

- Apache ShenYu through 2.5.1

Description:

There is an SSRF (Server-Side Request Forgery) vulnerability in the
/sandbox/proxyGateway endpoint. It allows an attacker to issue
arbitrary requests and retrieve the corresponding responses by
supplying any URL in the requestUrl parameter.

Of particular concern, the attacker also controls the HTTP method,
cookies, IP address, and headers, so the endpoint can be used to
dispatch complete HTTP requests to hosts of the attacker's choosing.

This issue affects Apache ShenYu: 2.5.1.

Upgrade to Apache ShenYu 2.6.0 or apply the patch at
https://github.com/apache/shenyu/pull/4776.
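The core of the issue above is that a proxy endpoint forwards to whatever
URL the caller supplies. As an added illustration of the mitigation
pattern (this is not the ShenYu project's code or its actual fix), the
following validator only accepts targets from a fixed allowlist of
gateway addresses and rejects non-HTTP schemes, userinfo and non-public
literal IP addresses; the function name, allowlist and sample URLs are
constructed for this example.

```python
"""Allowlist-based validation of a proxy endpoint's target URL.

Added example of a defensive check for a "proxy to requestUrl"
endpoint. Not code from Apache ShenYu; the allowlist and names are
hypothetical.
"""
import ipaddress
from urllib.parse import urlsplit

# Hypothetical configuration: the only gateway instances the sandbox
# may forward to. This must come from the administrator's config,
# never from the incoming request.
ALLOWED_GATEWAYS = {("gateway.internal.example", 9195)}
ALLOWED_SCHEMES = {"http", "https"}


def validate_proxy_target(url, allowed=ALLOWED_GATEWAYS):
    """Return (ok, reason); ok is True only if url may be proxied."""
    try:
        parts = urlsplit(url)
    except ValueError as exc:
        return False, f"unparseable url: {exc}"
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parts.scheme!r}"
    host = parts.hostname  # already lowercased, brackets stripped
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "userinfo in url not allowed"
    # Defence in depth for literal IP targets: refuse loopback, private
    # and link-local ranges (the latter include cloud metadata services)
    # even before the allowlist is consulted.
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # a hostname, not a literal address
    if addr is not None and not addr.is_global:
        return False, f"non-public address: {addr}"
    try:
        port = parts.port
    except ValueError:
        return False, "invalid port"
    if port is None:
        port = 443 if scheme == "https" else 80
    if (host, port) not in allowed:
        return False, f"target not in allowlist: {host}:{port}"
    return True, "ok"
```

The allowlist is matched on the hostname as written; the address the name resolves to still has to be checked at connection time, since a name in the allowlist could later resolve to an internal address.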

Credit:

by3 (finder)

References:

https://shenyu.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-25753

--

Zhang Yonglun
Apache ShenYu & ShardingSphere