ContiNew Admin
cpe:2.3:a:continew:continew_admin:*:*:*:*:*:*:*
- <= 4.2.0
A server-side request forgery (SSRF) vulnerability has been identified in ContiNew Admin versions through 4.2.0. The issue resides in the Storage Management Module, specifically within the S3ClientFactory.java file. The vulnerability arises because the application allows administrators to configure S3-compatible object storage endpoints without properly validating whether the endpoints point to internal network addresses or cloud metadata services. User-supplied endpoint URLs are directly passed to the URI.create() function and used to establish HTTP connections via the AWS SDK's S3Client, lacking any validation against internal IP addresses or sensitive URLs.
Exploitation of this vulnerability allows for server-side request forgery: an attacker who can set the storage endpoint makes the server issue HTTP requests on the attacker's behalf. This could potentially be used to reach internal services or data (including cloud instance metadata) that are not normally exposed to the outside world.
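The missing check described above is endpoint validation before the URL reaches `URI.create()` and the `S3Client`. The following is an added example written for this entry, not code from ContiNew Admin and not the project's actual fix; the class name `EndpointValidator` and its methods are assumptions. It parses the administrator-supplied endpoint, restricts the scheme to HTTP(S), resolves the host and rejects any address in a loopback, link-local (where the 169.254.169.254 metadata service lives), site-local, wildcard or multicast range.

```java
import java.net.InetAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.util.List;
import java.util.Locale;

/**
 * Added example, not ContiNew Admin's own code: validates an admin-supplied
 * S3-compatible endpoint before it is handed to URI.create() and an S3Client.
 */
public final class EndpointValidator {

    private static final List<String> ALLOWED_SCHEMES = List.of("http", "https");

    private EndpointValidator() {}

    /** Returns the parsed URI when the endpoint is acceptable; throws IllegalArgumentException otherwise. */
    public static URI validate(String endpoint) {
        final URI uri;
        try {
            // new URI() reports bad syntax as a checked exception instead of URI.create()'s unchecked one.
            uri = new URI(endpoint);
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("Malformed endpoint URL", e);
        }

        String scheme = uri.getScheme();
        if (scheme == null || !ALLOWED_SCHEMES.contains(scheme.toLowerCase(Locale.ROOT))) {
            throw new IllegalArgumentException("Endpoint scheme must be http or https");
        }
        String host = uri.getHost();
        if (host == null || host.isEmpty()) {
            throw new IllegalArgumentException("Endpoint must contain a host");
        }
        if (uri.getUserInfo() != null) {
            throw new IllegalArgumentException("Credentials embedded in the endpoint URL are not allowed");
        }

        // Resolve every address the host maps to; one internal answer is enough to reject the endpoint.
        InetAddress[] addresses;
        try {
            addresses = InetAddress.getAllByName(host);
        } catch (UnknownHostException e) {
            throw new IllegalArgumentException("Endpoint host does not resolve", e);
        }
        for (InetAddress addr : addresses) {
            if (isInternal(addr)) {
                throw new IllegalArgumentException(
                        "Endpoint resolves to an internal address: " + addr.getHostAddress());
            }
        }
        return uri;
    }

    /** Address ranges an admin-configured object storage endpoint should never point at. */
    static boolean isInternal(InetAddress addr) {
        return addr.isLoopbackAddress()   // 127.0.0.0/8, ::1
            || addr.isLinkLocalAddress()  // 169.254.0.0/16 (cloud metadata), fe80::/10
            || addr.isSiteLocalAddress()  // 10/8, 172.16/12, 192.168/16, fec0::/10
            || addr.isAnyLocalAddress()   // 0.0.0.0, ::
            || addr.isMulticastAddress();
    }

    public static void main(String[] args) {
        // Constructed sample inputs using literal IPs so the demo needs no DNS.
        String[] samples = {
            "http://169.254.169.254/latest/meta-data/",
            "http://127.0.0.1:9000",
            "ftp://10.0.0.5",
            "https://203.0.113.10:9000"   // TEST-NET-3 documentation range, accepted by the checks above
        };
        for (String s : samples) {
            try {
                System.out.println("accepted: " + validate(s));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

Two caveats a practitioner should keep in mind. `isSiteLocalAddress()` covers the RFC 1918 IPv4 ranges and the deprecated `fec0::/10` block but not IPv6 unique local addresses (`fc00::/7`), the CGNAT range `100.64.0.0/10`, or IPv4-mapped IPv6 forms, so a deployment that cares about those must add explicit prefix checks. Validating at configuration time also does not stop DNS rebinding: the safe pattern is to validate at connection time as well, or to pin the resolved address that passed the check when building the client.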