Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CA+ZBtZ4o+6JaQvuZB=oL6c3U7MG9Lfnu-d9CjFP3jxN37OZQLw@mail.gmail.com>
Date: Thu, 19 Oct 2023 12:31:59 +0800
From: Zhang Yonglun <zhangyonglun@...che.org>
To: oss-security@...ts.openwall.com
Cc: dev@...nyu.apache.org
Subject: CVE-2023-25753: Server-Side Request Forgery in Apache ShenYu

Severity: low

Affected versions:

- Apache ShenYu through 2.5.1

Description:

There exists an SSRF (Server-Side Request Forgery) vulnerability
located at the /sandbox/proxyGateway endpoint. This vulnerability
allows us to manipulate arbitrary requests and retrieve corresponding
responses by inputting any URL into the requestUrl parameter.

Of particular concern is our ability to exert control over the HTTP
method, cookies, IP address, and headers. This effectively grants us
the capability to dispatch complete HTTP requests to hosts of our
choosing.

This issue affects Apache ShenYu: 2.5.1.

Upgrade to Apache ShenYu 2.6.0 or apply patch
https://github.com/apache/shenyu/pull/4776  .

Credit:

by3 (finder)

References:

https://shenyu.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-25753

--

Zhang Yonglun
Apache ShenYu & ShardingSphere

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.