Vulnerabilities > CVE-2018-5752 - Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations of IP addresses and special IPv6 related addresses.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
description | OX App Suite 7.8.4 - Multiple Vulnerabilities. CVE-2017-17062,CVE-2018-5751,CVE-2018-5752,CVE-2018-5753,CVE-2018-5754,CVE-2018-5755,CVE-2018-5756. Webapps ex... |
file | exploits/xml/webapps/44881.txt |
id | EDB-ID:44881 |
last seen | 2018-06-12 |
modified | 2018-06-12 |
platform | xml |
port | |
published | 2018-06-12 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/44881/ |
title | OX App Suite 7.8.4 - Multiple Vulnerabilities |
type | webapps |
Packetstorm
data source | https://packetstormsecurity.com/files/download/148118/oxappsuite-escalatexss.txt |
id | PACKETSTORM:148118 |
last seen | 2018-06-13 |
published | 2018-06-08 |
reporter | Martin Heiland |
source | https://packetstormsecurity.com/files/148118/OX-App-Suite-7.8.4-XSS-Privilege-Management-SSRF-Traversal.html |
title | OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal |
References
- http://packetstormsecurity.com/files/148118/OX-App-Suite-7.8.4-XSS-Privilege-Management-SSRF-Traversal.html
- http://packetstormsecurity.com/files/148118/OX-App-Suite-7.8.4-XSS-Privilege-Management-SSRF-Traversal.html
- http://seclists.org/fulldisclosure/2018/Jun/23
- http://seclists.org/fulldisclosure/2018/Jun/23
- https://www.exploit-db.com/exploits/44881/
- https://www.exploit-db.com/exploits/44881/