Kasuganosoras Pigeon Server-Side Request Forgery Vulnerability

A critical server-side request forgery (SSRF) vulnerability has been identified in Kasuganosoras Pigeon version 1.0.177. The issue resides in the file '/pigeon/imgproxy/index.php', where the 'url' parameter can be manipulated to send unauthorized requests to internal network resources. This vulnerability can be exploited remotely, potentially leading to unauthorized access to sensitive information or services within the affected network.

Impact

Exploitation of this vulnerability allows for server-side request forgery, where an attacker can manipulate the application to make requests on behalf of the server. This could be used to access internal services or resources that are not exposed to the public internet, potentially leading to further exploitation or information disclosure.

Reproduction

To reproduce this vulnerability, send a request to the '/pigeon/imgproxy/index.php' endpoint with a crafted 'url' parameter. The value of the 'url' parameter should be manipulated to point to an internal resource or service that the server can access but is not available externally. This can be done by encoding the URL in base64 and including it in the request.

Remediation

Upgrade to Kasuganosoras Pigeon version 1.0.181, which addresses this vulnerability. The patched version is available on the Kasuganosoras Pigeon GitHub releases page.