
CWE-918 Server-Side Request Forgery (SSRF): vulnerability list (1539 entries)

Summary of the 1539 CVE entries classified under the CWE-918 Server-Side Request Forgery (SSRF) weakness, with AI-generated analysis in Chinese.

CWE-918 Server-Side Request Forgery (SSRF) is a weakness that lets an attacker induce a server to issue requests on the attacker's behalf. When a server accepts an externally supplied URL and fetches its content without strictly validating the destination, the attacker can reach internal network resources or probe internal services, bypassing firewall restrictions. Developers should enforce a strict allowlist, restrict the permitted protocols, disable redirects, and validate all input thoroughly, so that requests can only reach the intended, legitimate external resources.

MITRE CWE official description
CWE: CWE-918 Server-Side Request Forgery (SSRF). Description: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Common consequences (3)
Confidentiality: Read Application Data
Integrity: Execute Unauthorized Code or Commands
Access Control: Bypass Protection Mechanism
By providing URLs to unexpected hosts or ports, attackers can make it appear that the server is sending the request, possibly bypassing access controls such as firewalls that prevent the attackers from accessing the URLs directly. The server can be used as a proxy to conduct port scanning of hosts i…
Code example (1)
This code intends to receive a URL from a user, access the URL, and return the results to the user.
<?php
$url = $_GET['url']; # User-controlled input
# Fetch the content of the provided URL
$response = file_get_contents($url);
echo $response;
Bad · PHP
<?php
# Define allowed URLs (or domains)
$allowed_urls = [
    'https://example.com/data.json',
    'https://api.example.com/info',
];
# Get the user-provided URL
$url = $_GET['url'] ?? '';
# Validate against allowed URLs
if (!in_array($url, $allowed_urls)) {
    http_response_code(400);
    echo "Invalid or unauthorized URL.";
    exit;
}
# Fetch content safely
$response = @file_get_contents($url);
if ($response === false) {
    http_response_code(500);
    echo "Failed to fetch content.";
    exit;
}
echo htmlspecialchars($response); # Escape output for safety
Good · PHP
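The exact-URL allowlist above is the simplest correct fix, but many applications must accept arbitrary paths on a small set of hosts. The following PHP helper, added here as an example (it is neither MITRE's code nor this platform's), implements the four mitigations described at the top of the page for that case: a scheme and host allowlist, rejection of private, loopback and link-local addresses after DNS resolution, redirects disabled, and the connection pinned to the validated address so that a DNS answer that changes between the check and the connect (the TOCTOU / DNS-rebinding pattern named in several entries on this page) cannot change the destination. ALLOWED_HOSTS, validateOutboundUrl and safeFetch are names chosen for this example; it assumes PHP 7.1+ with the curl extension.

```php
<?php
// Added example (not MITRE's code, not this platform's): a stricter fetch
// helper for user-supplied URLs.
declare(strict_types=1);

const ALLOWED_SCHEMES = ['https'];
// Hypothetical allowlist; replace with the hosts your application must reach.
const ALLOWED_HOSTS = ['api.example.com', 'example.com'];

/**
 * True when $ip is a public, globally routable address. The NO_PRIV_RANGE and
 * NO_RES_RANGE flags reject RFC 1918 space, 127.0.0.0/8, 169.254.0.0/16 (which
 * includes cloud metadata endpoints), 0.0.0.0/8 and their IPv6 equivalents.
 */
function isPublicIp(string $ip): bool
{
    return filter_var(
        $ip,
        FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
    ) !== false;
}

/**
 * Validates a user-supplied URL. Returns ['host', 'ip', 'port'] for the
 * destination to pin to, or null when the URL must be rejected.
 */
function validateOutboundUrl(string $url): ?array
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    // 1. Scheme allowlist: rules out file://, gopher://, dict:// and friends.
    if (!in_array(strtolower($parts['scheme']), ALLOWED_SCHEMES, true)) {
        return null;
    }
    // 2. No embedded credentials: "https://api.example.com@evil.test/" must
    //    not pass a naive host check.
    if (isset($parts['user']) || isset($parts['pass'])) {
        return null;
    }
    // 3. Host allowlist, exact match.
    $host = strtolower($parts['host']);
    if (!in_array($host, ALLOWED_HOSTS, true)) {
        return null;
    }
    // 4. Resolve once and check every returned address, so an allowlisted
    //    name that is pointed at an internal range is still rejected.
    $records = dns_get_record($host, DNS_A); // IPv4 only, for brevity
    if ($records === false || $records === []) {
        return null;
    }
    $ip = null;
    foreach ($records as $r) {
        if (!isPublicIp($r['ip'])) {
            return null;
        }
        $ip = $ip ?? $r['ip'];
    }
    return ['host' => $host, 'ip' => $ip, 'port' => $parts['port'] ?? 443];
}

/**
 * Fetches $url with redirects disabled and the TCP connection pinned to the
 * address validated above, closing the check-then-connect window.
 */
function safeFetch(string $url): ?string
{
    $target = validateOutboundUrl($url);
    if ($target === null) {
        return null;
    }
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => false,           // never follow redirects
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTPS, // curl-level scheme lock
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 10,
        CURLOPT_MAXFILESIZE    => 1 << 20,         // cap the response body
        // Pin the resolved address: entries have the form "host:port:ip".
        CURLOPT_RESOLVE        => ["{$target['host']}:{$target['port']}:{$target['ip']}"],
    ]);
    $body   = curl_exec($ch);
    $status = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    curl_close($ch);
    if ($body === false || $status !== 200) {
        return null;
    }
    return $body;
}

// Usage in a request handler.
$body = safeFetch($_GET['url'] ?? '');
if ($body === null) {
    http_response_code(400);
    echo "Invalid or unauthorized URL.";
    exit;
}
header('Content-Type: text/plain; charset=utf-8');
echo $body;
```

Two design notes. Redirects are disabled rather than followed-and-revalidated because a 3xx from an allowlisted host is the classic way to reach an internal address after the initial check passes. The resolver check only covers A records here; if the allowlisted hosts publish AAAA records, add a DNS_AAAA lookup with the same isPublicIp test, since the reserved-range flags cover ::1, fe80::/10 and IPv4-mapped addresses as well.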
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2026-44313 | LinkWarden link creation SSRF | linkwarden | 9.1 | Critical | 2026-05-08
CVE-2026-42352 | pygeoapi 0.23.x OGC API unauthenticated SSRF | pygeoapi | 8.6 | High | 2026-05-08
CVE-2026-42346 | Postiz TOCTOU DNS rebinding bypass of SSRF validation | postiz-app | 6.5 | Medium | 2026-05-08
CVE-2026-42339 | new-api SSRF bypass | new-api | -- | -- | 2026-05-08
CVE-2026-44286 | FastGPT Laf worker node SSRF | FastGPT | -- | -- | 2026-05-08
CVE-2026-44284 | FastGPT SSRF via stored MCP tool URL in workflows | FastGPT | 6.3 | Medium | 2026-05-08
CVE-2026-42345 | FastGPT cloud metadata endpoint SSRF bypass | FastGPT | 7.7 | High | 2026-05-08
CVE-2026-42180 | Lemmy SSRF in /api/v3/post delivered via Webmention | lemmy | 6.3 | Medium | 2026-05-08
CVE-2026-42181 | Lemmy SSRF and unvalidated og:image internal image disclosure | lemmy | 6.5 | Medium | 2026-05-08
CVE-2026-44335 | PraisonAI SSRF bypass | PraisonAI | -- | -- | 2026-05-08
CVE-2026-41423 | Angular Platform-Server SSRF | angular | -- | -- | 2026-05-08
CVE-2026-8034 | GitHub Enterprise Server notebook viewer SSRF | Enterprise Server | -- | -- | 2026-05-07
CVE-2026-41105 | Azure Monitor Action Group privilege escalation | Azure Monitor Action Group notification system | 8.1 | High | 2026-05-07
CVE-2026-42449 | n8n-MCP validateUrlSync() SSRF bypass | n8n-mcp | 8.5 | High | 2026-05-07
CVE-2026-41905 | FreeScout Helper::sanitizeRemoteUrl SSRF | freescout | 7.7 | High | 2026-05-07
CVE-2026-8081 | router-for-me CLIProxyAPI server-side request forgery | CLIProxyAPI | 6.3 | Medium | 2026-05-07
CVE-2026-41688 | Wallos SSRF (CVE-2026-33399) | Wallos | 7.7 | High | 2026-05-07
CVE-2026-41687 | Wallos subscription payment logo URL SSRF bypass | Wallos | 4.3 | Medium | 2026-05-07
CVE-2026-41413 | Istio request authentication jwksUri SSRF | istio | 5.0 | Medium | 2026-05-07
CVE-2026-42194 | Admidio CVE-2026-32812 SSRF | admidio | 6.8 | Medium | 2026-05-07
CVE-2026-44116 | OpenClaw < 2026.4.22 server-side request forgery | OpenClaw | 8.6 | High | 2026-05-06
CVE-2026-44117 | OpenClaw < 2026.4.20 QQBot direct media upload server-side request forgery | OpenClaw | 5.8 | Medium | 2026-05-06
CVE-2026-20035 | Cisco Unity Connection server-side request forgery | Cisco Unity Connection | 7.2 | High | 2026-05-06
CVE-2026-39383 | Gotenberg unauthenticated blind SSRF | gotenberg | -- | -- | 2026-05-05
CVE-2026-35527 | Incus image import preflight SSRF | incus | -- | -- | 2026-05-05
CVE-2026-40280 | Gotenberg webhook/download list SSRF bypass | gotenberg | -- | -- | 2026-05-05
CVE-2026-33975 | twenty-server SSRF protection bypass | twenty | -- | -- | 2026-05-05
CVE-2026-7412 | BaSyx Java Server SDK < 2.0.0-M10 unvalidated reverse proxy | Eclipse BaSyx | 8.6 | High | 2026-05-05
CVE-2026-43527 | OpenClaw < 2026.4.14 SSRF | OpenClaw | 7.7 | High | 2026-05-05
CVE-2026-43526 | OpenClaw < 2026.4.12 server-side request forgery | OpenClaw | 8.2 | High | 2026-05-05

CWE-918 (Server-Side Request Forgery (SSRF)) is a common weakness category; this platform indexes 1539 CVE entries associated with it.