oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2023-25753: Server-Side Request Forgery in Apache ShenYu

From: Zhang Yonglun <zhangyonglun () apache org>
Date: Thu, 19 Oct 2023 12:31:59 +0800
Severity: low

Affected versions:

- Apache ShenYu through 2.5.1

Description:

There exists an SSRF (Server-Side Request Forgery) vulnerability
located at the /sandbox/proxyGateway endpoint. This vulnerability
allows us to manipulate arbitrary requests and retrieve corresponding
responses by inputting any URL into the requestUrl parameter.

Of particular concern is our ability to exert control over the HTTP
method, cookies, IP address, and headers. This effectively grants us
the capability to dispatch complete HTTP requests to hosts of our
choosing.

This issue affects Apache ShenYu: 2.5.1.

Upgrade to Apache ShenYu 2.6.0 or apply patch
https://github.com/apache/shenyu/pull/4776  .

Credit:

by3 (finder)

References:

https://shenyu.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-25753

--

Zhang Yonglun
Apache ShenYu & ShardingSphere
Previous By Date Next
Previous By Thread Next

Current thread: