TheHive Project UnshortenLink analyzer prior to 1.1, included in Cortex-Analyzers prior to 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type, and provide an SSRF payload like "127.0.0.1:22" in the Data parameter. The result can be seen in the main dashboard. Thus, it is possible to do port scans on localhost and intranet hosts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thehive-project cortex-analyzers |