Stack Overflow
Stack Overflow

Questions tagged [ssrf]

Server Side Request Forgery (SSRF) is a vulnerability that appears when an attacker has the ability to create requests from the vulnerable server.

Server Side Request Forgery (SSRF) is a vulnerability that appears when an attacker has the ability to create requests from the vulnerable server.

It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network. Additionally, it’s also possible for an attacker to leverage SSRF to access services from the same server that is listening on the loopback interface (for instance, 127.0.0.1).

23 questions
8
votes
2 answers

Unable to rectify VeraCode CWE ID 918 - (SSRF) in ASP.NET

Long story short, no matter what I try VeraCode continues to flag 8 lines of my code as flaws with CWE 918. This is old code so I'm not sure why it's suddenly being flagged. Here's an example [offending] method with the flagged line in bold public…
m0r6aN
  • 850
  • 1
  • 11
  • 19
4
votes
1 answer

How to check request.getQueryString() method of HttpServletRequest is susceptible for SSRF attack?

In my current application which is in Spring MVC We have code like below for gateway module. URI uri = new URI(restURLProtocol, null, URLDomain, URLPort, "/api" + request.getRequestURI(), request.getQueryString(), null); Gateway module will call…
hemant
  • 564
  • 2
  • 13
  • 37
4
votes
1 answer

Security considerations with server side urllib2.urlopen with url from user

I'd like users to be able to upload images from the web by providing a URL. I don't think I can get the client to fetch the image and upload it due to possible CORS issues and hotlink prevention, so I'm getting the server to do it. The biggest…
jozxyqk
  • 16,424
  • 12
  • 91
  • 180
4
votes
0 answers

How to check if URL is public (anti-SSRF)?

I have a form on the site which allows the user to input URL - node.js app will then use request module to fetch that URL, analyze the response, and print some data back to the user. I want to make sure rogue users are unable to input intranet…
Fluffy
  • 27,504
  • 41
  • 151
  • 234
3
votes
1 answer

Mitigating the risk of Server-Side Request Forgery when downloading files with the .NET Framework

Question: If I have an untrusted, user-supplied URL to a file, how do I protect myself against server-side request forgery when I download that file? Are there tools in the .NET Framework (4.8) base class library that help me, or is there some…
Heinzi
  • 167,459
  • 57
  • 363
  • 519
3
votes
1 answer

Unable to fix veracode cwe id 918 flaw (SSRF) when using API gateway pattern in a Microservices architecture

I am using API Gateway Pattern in a Micro services architecture in which the Front End Angular app makes an HTTP request to my API Gateway project which is simply a ASP.net Core 3.1 Web API project. Currently I only have 2 micro services and an API…
Hamza Khanzada
  • 1,439
  • 1
  • 22
  • 39
3
votes
1 answer

SSRF CheckMarx Vulnerability for String input parameter

I am running CheckMarx scan for one of my project and it comes with a SSRF vulnerability for one of the input string parameters of a method. My method is something like below and SSRF vulnerability is thrown for parameter param1. public String…
Prasann
  • 1,263
  • 2
  • 11
  • 18
2
votes
1 answer

Getting Server-Side Request Forgery (SSRF) (CWE ID 918) restTemplate.getForEntity

I am using restTemplate for synchronous inter-service communication in a microservices architecture. When we completed Veracode scan, we are getting Server-Side Request Forgery (SSRF) (CWE ID 918) in getForEntity…
SSK
  • 3,444
  • 6
  • 32
  • 59
2
votes
1 answer

How can I prevent SSRF via pathinfo passing a URL in PHP?

After scanning through our code using Acunetix for vunerabilities, we had an issue with the following script which said: "An HTTP request was initiated for the domain hit0yPI7kOCzl.bxss.me which indicates that this script is vulnerable to SSRF…
chris
  • 605
  • 1
  • 9
  • 27
1
vote
0 answers

SSRF Prevention on Pupeteer on HTML to Image functionality

I have a website where people can upload HTML/AMP template and we generate thumbnail of the uploaded template. Now the issue is that since people can upload any HTML/AMP templates and it can have script under