PT-2026-60972 · Zevorn · Rt-Claw
CVSS v3.1
7.3
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
A vulnerability was found in zevorn rt-claw up to 0.2.0. The affected element is the function claw net get/claw net post of the file claw/services/tools/net.c of the component http request. The manipulation of the argument url results in server-side request forgery. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Exploit
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rt-Claw