ssrfcheck Server-Side Request Forgery Vulnerability
Vulnerability
A Server-Side Request Forgery (SSRF) vulnerability exists in the ssrfcheck package, all versions prior to 1.2.0. The issue arises from an incomplete denylist of IP address ranges, specifically failing to classify the reserved multicast IP space 224.0.0.0/4 as invalid. This oversight allows attackers to send requests to these multicast addresses, potentially bypassing the intended SSRF protections of the package.
Impact
Exploitation of this vulnerability allows for SSRF attacks, where an attacker can send requests to internal services or resources that are not normally accessible, potentially leading to unauthorized data access or manipulation.
Reproduction
To reproduce this vulnerability, install the ssrfcheck package and use the isSSRFSafeURL function to test URLs that include multicast IP addresses, such as 239.255.255.250. The function will incorrectly return true, indicating that the address is safe, which bypasses the SSRF protection.
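As an added example (not ssrfcheck's own code), the check below shows what a complete literal-IPv4 denylist looks like when the multicast range 224.0.0.0/4 from the advisory is included; the list of ranges and the function names are assumptions, and hostnames that would still need DNS resolution are rejected rather than resolved.

```javascript
// Added example, not ssrfcheck's own code. Checks a URL whose host is a
// literal IPv4 address against a denylist that includes 224.0.0.0/4.

// Constructed denylist; 224.0.0.0/4 is the range ssrfcheck < 1.2.0 omitted.
const DENIED_CIDRS = [
  "0.0.0.0/8",       // "this" network
  "10.0.0.0/8",      // private
  "127.0.0.0/8",     // loopback
  "169.254.0.0/16",  // link-local (cloud metadata services live here)
  "172.16.0.0/12",   // private
  "192.168.0.0/16",  // private
  "224.0.0.0/4",     // multicast: the range missing before 1.2.0
  "240.0.0.0/4",     // reserved, includes 255.255.255.255
];

// Dotted quad -> unsigned 32-bit integer, or null if not a valid IPv4 literal.
function ipv4ToInt(ip) {
  const parts = ip.split(".");
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n >>> 0;
}

// True when ip lies inside cidr, e.g. inCidr("239.255.255.250", "224.0.0.0/4").
function inCidr(ip, cidr) {
  const [base, bitsStr] = cidr.split("/");
  const bits = Number(bitsStr);
  const ipInt = ipv4ToInt(ip);
  const baseInt = ipv4ToInt(base);
  if (ipInt === null || baseInt === null) return false;
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((ipInt & mask) >>> 0) === ((baseInt & mask) >>> 0);
}

// Safe only if the host parses as a literal IPv4 address outside every denied
// range. Hostnames needing DNS resolution are rejected here, not resolved;
// a real fetcher must re-check every address DNS returns (and each redirect).
function isLiteralIPv4HostSafe(urlString) {
  let host;
  try { host = new URL(urlString).hostname; } catch { return false; }
  if (ipv4ToInt(host) === null) return false;
  return !DENIED_CIDRS.some((cidr) => inCidr(host, cidr));
}
```

Because Node's WHATWG URL parser normalizes alternative IPv4 spellings (for example a single decimal integer) to dotted-quad form, the check sees the canonical address rather than the raw string.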
Remediation
Users can upgrade to version 1.2.0 or higher, where this vulnerability has been fixed.
