CVE-2024-27927

{"id": "CVE-2024-27927", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2024-03-21T02:52:21.703", "references": [{"url": "https://github.com/DIYgod/RSSHub/blob/172f6cfd2b69ea6affdbdedf61e6dde1671f3796/lib/routes/m4/index.js#L10-L14", "source": "security-advisories@github.com"}, {"url": "https://github.com/DIYgod/RSSHub/blob/172f6cfd2b69ea6affdbdedf61e6dde1671f3796/lib/routes/zjol/paper.js#L7-L13", "source": "security-advisories@github.com"}, {"url": "https://github.com/DIYgod/RSSHub/blob/5928c5db2472e101c2f5c3bafed77a2f72edd40a/lib/routes/mastodon/acct.js#L4-L7", "source": "security-advisories@github.com"}, {"url": "https://github.com/DIYgod/RSSHub/blob/5928c5db2472e101c2f5c3bafed77a2f72edd40a/lib/routes/mastodon/utils.js#L85-L105", "source": "security-advisories@github.com"}, {"url": "https://github.com/DIYgod/RSSHub/commit/a42947231104a9ec3436fc52cedb31740c9a7069", "source": "security-advisories@github.com"}, {"url": "https://github.com/DIYgod/RSSHub/security/advisories/GHSA-3p3p-cgj7-vgw3", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "RSSHub is an open source RSS feed generator. Prior to version 1.0.0-master.a429472, RSSHub allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service (DoS) attacks. The attacker can send malicious requests to a RSSHub server, to make the server send HTTP GET requests to arbitrary destinations and see partial responses. This may lead to leak the server IP address, which could be hidden behind a CDN; retrieving information in the internal network, e.g. which addresses/ports are accessible, the titles and meta descriptions of HTML pages; and denial of service amplification. The attacker could request the server to download some large files, or chain several SSRF requests in a single attacker request."}, {"lang": "es", "value": "RSSHub es un generador de fuentes RSS de c\u00f3digo abierto. Antes de la versi\u00f3n 1.0.0-master.a429472, RSSHub permit\u00eda a atacantes remotos utilizar el servidor como proxy para enviar solicitudes HTTP GET a objetivos arbitrarios y recuperar informaci\u00f3n en la red interna o realizar ataques de Denegaci\u00f3n de Servicio (DoS). El atacante puede enviar solicitudes maliciosas a un servidor RSSHub para hacer que el servidor env\u00ede solicitudes HTTP GET a destinos arbitrarios y vea respuestas parciales. Esto puede provocar la filtraci\u00f3n de la direcci\u00f3n IP del servidor, que podr\u00eda estar oculta detr\u00e1s de una CDN; recuperar informaci\u00f3n en la red interna, por ejemplo qu\u00e9 direcciones/puertos son accesibles, los t\u00edtulos y meta descripciones de p\u00e1ginas HTML; y denegaci\u00f3n de amplificaci\u00f3n del servicio. El atacante podr\u00eda solicitar al servidor que descargue algunos archivos grandes o encadenar varias solicitudes SSRF en una sola solicitud del atacante."}], "lastModified": "2024-03-21T12:58:51.093", "sourceIdentifier": "security-advisories@github.com"}