Vulnerabilities > CVE-2024-22648 - Server-Side Request Forgery (SSRF) vulnerability in Seopanel SEO Panel 4.10.0

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

seopanel

CWE-918

NVD

Published: 2024-01-30

Updated: 2024-02-03

Summary

A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment.

Vulnerable Configurations

Part	Description	Count
Application	Seopanel Seopanel SEO Panel 4.10.0	1

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

References

https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22648