PT-2016-7447 · Dokuwiki

Ambulong · Published 2016-10-31 · Updated 2016-12-02 · CVE-2016-7964

CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: DokuWiki versions 2016-06-26a and older

Description: The issue allows users to scan ports on internal networks via SSRF, reaching private networks such as 10.0.0.1/8, 172.16.0.0/12 and 192.168.0.0/16, when media file fetching is enabled. The cause is that the sendRequest method of the HTTPClient class in /inc/HTTPClient.php places no restrictions on the destinations it connects to.

Recommendations: For DokuWiki versions 2016-06-26a and older, consider disabling media file fetching to prevent SSRF attacks until a patch is available. Restrict which destinations the sendRequest method of the HTTPClient class may reach, to minimize the risk of exploitation.
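The recommendation above amounts to validating the fetch target before any connection is made. The following is an added illustration of such a check, written in Python and not taken from DokuWiki or its HTTPClient class: it parses the requested media URL, restricts the scheme and port, resolves the host, and refuses the fetch when any resolved address falls in the private ranges named in the advisory (plus loopback, link-local and the IPv6 equivalents). The `resolver` parameter and the port allow-list are assumptions introduced here so the check can be exercised offline; a PHP port of the same logic would sit in front of `sendRequest`.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Deny-list constructed for this example: the private ranges named in the
# advisory (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) plus loopback,
# link-local, the unspecified range and their IPv6 counterparts.
BLOCKED_NETWORKS = [
    ipaddress.ip_network(n) for n in (
        "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
        "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",
        "::1/128", "fc00::/7", "fe80::/10",
    )
]

ALLOWED_SCHEMES = {"http", "https"}


def is_blocked_address(ip: str) -> bool:
    """True when the literal IP lies in a range a media fetcher must not reach."""
    addr = ipaddress.ip_address(ip.split("%")[0])  # drop any IPv6 zone id
    # An IPv4-mapped IPv6 literal (::ffff:10.1.2.3) is judged by its IPv4 form,
    # otherwise the IPv4 deny-list could be bypassed through the IPv6 path.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def default_resolver(host: str) -> list[str]:
    """Resolve a hostname to all of its A/AAAA addresses (live DNS)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def check_fetch_url(url: str, resolver=default_resolver,
                    allowed_ports=(80, 443)) -> tuple[bool, str]:
    """Decide whether a user-supplied media URL may be fetched.

    Returns (allowed, reason). The URL is rejected if its scheme or port is
    outside the allow-list, if the host cannot be resolved, or if ANY address
    the host resolves to is in a blocked range.
    """
    parsed = urlparse(url)
    scheme = parsed.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parsed.scheme!r}"
    host = parsed.hostname
    if not host:
        return False, "missing host"
    try:
        port = parsed.port or (443 if scheme == "https" else 80)
    except ValueError:
        return False, "invalid port"
    if port not in allowed_ports:
        return False, f"port not allowed: {port}"

    # A literal IP needs no lookup; otherwise ask the (injectable) resolver.
    try:
        ipaddress.ip_address(host)
        addresses = [host]
    except ValueError:
        try:
            addresses = resolver(host)
        except socket.gaierror as exc:
            return False, f"resolution failed: {exc}"
    if not addresses:
        return False, f"no address for {host}"

    for ip in addresses:
        if is_blocked_address(ip):
            return False, f"{host} resolves to blocked address {ip}"
    return True, f"ok: {host} -> {addresses[0]}:{port}"


if __name__ == "__main__":
    # Constructed lookup table standing in for DNS so the demo runs offline.
    table = {"www.example": ["203.0.113.10"], "intranet.example": ["10.0.0.5"]}
    for u in ("http://www.example/logo.png", "http://intranet.example/",
              "http://127.0.0.1:22/", "http://[::ffff:10.1.2.3]/"):
        print(u, check_fetch_url(u, resolver=lambda h: table.get(h, [])))
```

The check resolves the name itself and rejects the URL if any answer is internal; the fetcher must then connect to the address that was checked rather than resolve the name a second time, otherwise a DNS answer that changes between the check and the connect defeats the validation. Redirect targets need the same check applied to each hop.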

Fix

SSRF


Weakness Enumeration

Related Identifiers: CVE-2016-7964

Affected Products: Debian, Dokuwiki