Feiyuchuixue Sz-Boot-Parent Server-Side Request Forgery Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in Feiyuchuixue Sz-Boot-Parent versions through 1.3.2-beta. This vulnerability resides in the file download API endpoint, specifically within the common files management module. When the 'url' argument is manipulated, it can lead to unauthorized requests being sent from the server to internal or external resources.

Impact

Exploitation of this vulnerability allows for server-side request forgery, where an attacker can make the server send requests on its behalf. This could potentially be used to access internal services or resources that are not normally exposed to the public.

Reproduction

To reproduce this vulnerability, first ensure that the 'oss.accessMode' is set to a value other than 'private'. Then, send a request to the '/api/admin/common/files/download' endpoint, manipulating the 'url' parameter to include a URL with a 'file' protocol. The server will process the request and read the specified file, demonstrating the arbitrary file read aspect of the vulnerability.

Remediation

Upgrade to Feiyuchuixue Sz-Boot-Parent version 1.3.3-beta or later, where this vulnerability has been addressed.