PT-2026-3248 · Hertzner+1 · Hertzner+1
Aaron Portnoy
·
Publicado
2026-01-16
·
Atualizado
2026-01-23
·
CVE-2026-0613
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TheLibrarian (affected versions not specified)
Description
The Librarian software has an internal port scanning issue stemming from the
web fetch tool. This tool allows for Server-Side Request Forgery (SSRF)-style behavior, enabling GET requests to internal IP addresses and services. This functionality can be exploited to scan the Hertzner cloud environment used by TheLibrarian. The web fetch tool is the component directly involved in this issue.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
SSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Hertzner
Thelibrarian