BMC FootPrints versions 20.20.02 through 20.24.01.001 contain a Server-Side Request Forgery (SSRF) vulnerability in the /footprints/servicedesk/externalfeed/RSS endpoint. The 'feedUrl' parameter allows unauthenticated attackers to force the server to make HTTP requests to arbitrary URLs, enabling access to internal services and bypassing firewall restrictions. This vulnerability is part of a pre-authenticated RCE chain when combined with CVE-2025-71257 (auth bypass) and CVE-2025-71260 (deserialization).
登录后查看神龙缓存的 POC 文件快照
登录查看