ZJ1983 ZZ Server-Side Request Forgery Vulnerability

A critical server-side request forgery (SSRF) vulnerability has been identified in ZJ1983 ZZ versions through 2024-8. The issue arises in the HTTP request handler, specifically within the 'sendNotice' function of 'Customer_noticeAction.java'. This vulnerability allows remote attackers to manipulate the 'url' argument, potentially leading to unauthorized requests being sent from the server.

Impact

Exploitation of this vulnerability allows for server-side request forgery, where an attacker can make the server send requests on its behalf. This could be used to access internal services or resources that are not normally exposed to the outside world.

Reproduction

To reproduce this vulnerability, log into the application and send a GET request to the '/customerNoticeSend' endpoint. Include a 'url' parameter pointing to a destination that can log requests, such as a DNS log service. The request should be sent with a valid session cookie.