daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2017/CVE-2017-18638.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-06-19 11:18:24 -04:00
parent 944e8172b1
commit 5175e4a2e3
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cves/2017/CVE-2017-18638.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2017-18638
info:
name: Graphite 'graphite.composer.views.send_email' SSRF
name: Graphite <=1.1.5 - Server-Side Request Forgery
author: huowuzhao
severity: high
description: Graphite's send_email in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an email address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.
description: Graphite's send_email in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to server-side request forgery (SSR)F. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an email address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.
reference:
- http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html
- https://github.com/graphite-project/graphite-web/issues/2008
@ -27,3 +27,5 @@ requests:
part: interactsh_protocol
words:
- "http"
# Enhanced by mp on 2022/06/19