Key vulnerability information

Vulnerability Type: CWE-918: Server-Side Request Forgery (SSRF)
Severity: Low (3.5)
Affected Version: 10.0.3
Status: Fixed
Found by: w0rty

Description

Vulnerability: SSRF in the URL of the RSS feed in glpi-project/glpi.
CVE-2022-36112 Bypass: A bypass for CVE-2022-36112 was discovered.

Proof of Concept

1. Set up a PHP server on a remote machine containing:
2. Put a listener on port 4444 on the server running glpi.
3. On the RSS feed, put the URL and hit enter.
4. The request is received on port 4444.

Impact

This vulnerability can be used by a remote attacker to discover the internal network of the machine running glpi.

Timeline

Reported: 3 years ago
Acknowledged: 3 years ago
Severity Modified: From Medium (4.3) to Low (3.5) 3 years ago
Fix Bounty: Dropped, fixed in version 10.0.4
Published: 3 years ago
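The report does not reproduce the feed URL or the PHP script, so the following is an added example (not GLPI's own code) of the destination check a defender wants on a user-supplied RSS feed URL: reject non-HTTP schemes and any host that resolves to a loopback, private, link-local or otherwise non-public address, and repeat that check on every redirect hop rather than only on the URL the user typed. The resolver, the fetcher and all hostnames and addresses used in the test are constructed so it runs offline.

```python
import ipaddress
import socket
from typing import Callable, Iterable, Optional
from urllib.parse import urljoin, urlparse

ALLOWED_SCHEMES = {"http", "https"}
MAX_REDIRECTS = 5
Resolver = Callable[[str], Iterable[str]]  # hostname -> IP strings
Fetcher = Callable[[str], tuple]           # url -> (status, headers, body)

def default_resolve(host: str) -> set:
    """Real resolver: every A/AAAA answer for the host (needs network; tests inject a fake)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_public_address(ip: str) -> bool:
    """True only for globally routable unicast addresses."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
        addr = addr.ipv4_mapped  # judge ::ffff:127.0.0.1 as 127.0.0.1
    return addr.is_global and not addr.is_multicast

def is_safe_feed_url(url: str, resolve: Resolver = default_resolve) -> bool:
    """Reject non-HTTP(S) schemes and any host with at least one non-public address."""
    parts = urlparse(url)
    host = parts.hostname
    if parts.scheme not in ALLOWED_SCHEMES or not host:
        return False
    try:
        ipaddress.ip_address(host)  # literal IP: no lookup needed
        ips = [host]
    except ValueError:
        try:
            ips = list(resolve(host))
        except OSError:  # NXDOMAIN, resolver failure: refuse rather than guess
            return False
    return bool(ips) and all(is_public_address(ip) for ip in ips)

def fetch_feed_safely(url: str, fetch: Fetcher, resolve: Resolver = default_resolve) -> Optional[bytes]:
    """Follow redirects by hand so every hop passes the same check; None means refused."""
    for _ in range(MAX_REDIRECTS + 1):
        if not is_safe_feed_url(url, resolve):
            return None
        status, headers, body = fetch(url)
        if status in (301, 302, 303, 307, 308) and "location" in headers:
            url = urljoin(url, headers["location"])
            continue
        return body
    return None  # redirect chain too long
```

Because a real HTTP client resolves the host again when it connects, a production version should also connect to the address it just validated (or re-validate inside the connection hook) to close the DNS rebinding window between check and use.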