Vulnerabilities > CVE-2023-40033 - Unspecified vulnerability in Flarum

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

LOW

Availability impact

NONE

network

low complexity

flarum

NVD

Published: 2023-08-16

Updated: 2024-11-21

Summary

Flarum is an open source forum software. Flarum is affected by a vulnerability that allows an attacker to conduct a Blind Server-Side Request Forgery (SSRF) attack or disclose any file on the server, even with a basic user account on any Flarum forum. By uploading a file containing a URL and spoofing the MIME type, an attacker can manipulate the application to execute unintended actions. The vulnerability is due to the behavior of the `intervention/image` package, which attempts to interpret the supplied file contents as a URL, which then fetches its contents. This allows an attacker to exploit the vulnerability to perform SSRF attacks, disclose local file contents, or conduct a blind oracle attack. This has been patched in Flarum version 1.8.0. Users are advised to upgrade. Users unable to upgrade may disable PHP's `allow_url_fopen` which will prevent the fetching of external files via URLs as a temporary workaround for the SSRF aspect of the vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Flarum Flarum Flarum - Flarum Flarum 0.1.0 Flarum Flarum 1.0.0 Flarum Flarum 1.0.1 Flarum Flarum 1.0.2 Flarum Flarum 1.0.3 Flarum Flarum 1.0.4 Flarum Flarum 1.1.0 Flarum Flarum 1.1.1 Flarum Flarum 1.2.0 Flarum Flarum 1.2.1 Flarum Flarum 1.3.0 Flarum Flarum 1.3.1 Flarum Flarum 1.4.0 Flarum Flarum 1.5.0 Flarum Flarum 1.6.0 Flarum Flarum 1.6.1 Flarum Flarum 1.6.2 Flarum Flarum 1.6.3 Flarum Flarum 1.7.0 Flarum Flarum 1.7.1	42

Summary

Vulnerable Configurations

References