A weakness has been identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This vulnerability affects unknown code of the file /api/admin/common/files/download. Executing a manipulation of the argument url can lead to server-side request forgery.
The attack can be executed remotely. Attacks of this nature are highly complex. It is stated that the exploitability is difficult.
Upgrading to version 1.3.3-beta is able to resolve this issue. This patch is called aefaabfd7527188bfba3c8c9eee17c316d094802. Upgrading the affected component is advised.
The project was informed beforehand and acted very professional: "We have added a URL protocol whitelist validation to the file download interface, allowing only http and https protocols."
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
High
Difficult to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
Low
Partial data leak
Integrity
None
No data modification
Availability
None
No disruption
CVSS Vector v4.0
Weakness Type (CWE)
References 7
https://github.com/feiyuchuixue/sz-boot-parent/
cna@vuldb.com
https://github.com/feiyuchuixue/sz-boot-parent/commit/aefaabfd7527188bfba3c8c9e…
cna@vuldb.com
https://github.com/feiyuchuixue/sz-boot-parent/releases/tag/v1.3.3-beta
cna@vuldb.com
https://github.com/yuccun/CVE/blob/main/sz-boot-parent-SSRF_and_Arbitrary_File_…
cna@vuldb.com
https://vuldb.com/?ctiid.347747
cna@vuldb.com
https://vuldb.com/?id.347747
cna@vuldb.com
https://vuldb.com/?submit.754042
cna@vuldb.com