Vulnerabilities > CVE-2019-20055 - Server-Side Request Forgery (SSRF) vulnerability in Liquidpixels Liquifire OS 4.8.0

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
liquidpixels
CWE-918
NVD
Published: 2019-12-29
Updated: 2020-01-02

Summary

LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square brackets.

Vulnerable Configurations

Part Description Count
OS
Liquidpixels
1

Common Weakness Enumeration (CWE)

References