Vulnerabilities > CVE-2021-46107 - Server-Side Request Forgery (SSRF) vulnerability in Ligeo-Archives Ligeo Basics 02012022

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ligeo-archives

CWE-918

NVD

Published: 2022-03-17

Updated: 2024-11-21

Summary

Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features.

Vulnerable Configurations

Part	Description	Count
Application	Ligeo-Archives Ligeo Archives Ligeo Basics 02_01-2022	1

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

References

https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/
https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/
https://raw.githubusercontent.com/Orange-Cyberdefense/CVE-repository/master/PoCs/POC_CVE-2021-46107.py
https://raw.githubusercontent.com/Orange-Cyberdefense/CVE-repository/master/PoCs/POC_CVE-2021-46107.py