CVE-2015-8813
Published: 2017-03-03
Severity: High, 8.2 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
Tags: ITW, EXPLOIT, VulnCheck KEV
Exploited in the wild
EPSS: 11.59% (95.5th percentile)
The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter.
Detection & IOCs (extracted from sources)
- Detect SSRF exploitation attempts by monitoring HTTP GET requests to /Umbraco/feedproxy.aspx with a 'url' query parameter pointing to internal/external hosts.
- Use an out-of-band (OAST/interactsh) callback to confirm exploitation: a successful SSRF will trigger an outbound HTTP interaction from the server.
- Flag requests where the 'url' parameter in feedproxy.aspx targets loopback/internal addresses (e.g., 127.0.0.1) to detect internal network probing.
- Only one HTTP GET request is needed to trigger the vulnerability, so the attack is a low-noise, single-request pattern.
- The vulnerability affects Umbraco versions prior to 7.4.0 only; patched installations are not affected.
- No authentication is required to exploit this endpoint; the SSRF is reachable by unauthenticated remote attackers.
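The log check described in the list above, as an added example that is not part of any of the sources quoted on this page. It assumes a simplified IIS W3C field order (`date time c-ip cs-method cs-uri-stem cs-uri-query sc-status`); the log lines are constructed, and the names `scan` and `classify_target` are hypothetical.

```python
import ipaddress
from urllib.parse import parse_qs, urlsplit

FEEDPROXY_PATH = "/umbraco/feedproxy.aspx"  # compared lower-cased; IIS paths are case-insensitive

# Constructed sample lines (assumed field order, see the #Fields header).
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2024-08-01 10:00:01 203.0.113.7 GET /Umbraco/feedproxy.aspx url=http://127.0.0.1:80/index 200",
    "2024-08-01 10:00:05 203.0.113.7 GET /umbraco/FeedProxy.aspx URL=http%3A%2F%2F10.0.0.5%3A8080%2F 200",
    "2024-08-01 10:00:09 198.51.100.9 GET /umbraco/feedproxy.aspx url=http://oast.example/x 200",
    "2024-08-01 10:01:00 198.51.100.9 GET /index.aspx - 200",
]

def classify_target(raw_url):
    """Return 'internal', 'external' or 'unparsable' for a decoded url= value."""
    try:
        host = urlsplit(raw_url).hostname
    except ValueError:
        return "unparsable"
    if not host:
        return "unparsable"
    if host == "localhost" or host.endswith(".localhost"):
        return "internal"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "external"  # DNS name or non-canonical IP form; not resolved here
    internal = ip.is_loopback or ip.is_private or ip.is_link_local
    return "internal" if internal else "external"

def scan(lines):
    """Yield (client_ip, target_url, verdict) for GET requests to FeedProxy carrying url=."""
    for line in lines:
        if line.startswith("#"):
            continue  # W3C header/directive line
        fields = line.split()
        if len(fields) < 7:
            continue
        _date, _time, client, method, stem, query, _status = fields[:7]
        if method != "GET" or stem.lower() != FEEDPROXY_PATH:
            continue
        # parse_qs percent-decodes values; parameter names are matched lower-cased
        params = {k.lower(): v for k, v in parse_qs(query).items()}
        for target in params.get("url", []):
            yield client, target, classify_target(target)
```

An `external` verdict is still worth reviewing on an unpatched installation, since the out-of-band confirmation described above uses an external host.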
CVSS provenance
- nvd, v3.0: 8.2 HIGH, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
- nvd, v2.0: 4.3 MEDIUM, AV:N/AC:M/Au:N/C:N/I:P/A:N
- cvelistv5: 8.2 HIGH
- vulncheck: 8.2 HIGH
GHSA
Umbraco CMS vulnerable to CSRF
ghsa·2022-05-17
CVE-2015-8813 [HIGH] CWE-918 Umbraco CMS vulnerable to CSRF
The `Page_Load` function in [Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs](https://github.com/umbraco/Umbraco-CMS/commit/924a016ffe7ae7ea6d516c07a7852f0095eddbce#diff-2899f01df84571577834f97a81637c65e20178ec6129b76c02f99789b23cf72e) in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter.
OSV
Umbraco CMS vulnerable to CSRF
osv·2022-05-17
CVE-2015-8813 [HIGH] Umbraco CMS vulnerable to CSRF
The `Page_Load` function in [Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs](https://github.com/umbraco/Umbraco-CMS/commit/924a016ffe7ae7ea6d516c07a7852f0095eddbce#diff-2899f01df84571577834f97a81637c65e20178ec6129b76c02f99789b23cf72e) in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter.
CVEList
CVE-2015-8813: The Page_Load function in Umbraco
cvelistv5·2017-03-03·CVSS 8.2
CVE-2015-8813 [HIGH] CVE-2015-8813: The Page_Load function in Umbraco
The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter.
VulnCheck
umbraco umbraco Server-Side Request Forgery (SSRF)
vulncheck·2015·CVSS 8.2
CVE-2015-8813 [HIGH] umbraco umbraco Server-Side Request Forgery (SSRF)
The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter.
Affected: umbraco umbraco
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.f5.com/labs/articles/threat-intelligence/sensor-intel-series-top-cves-august-2024; https://www.f5.com/labs/articles/threat-intelligence/botpoke-scanner-switches-ip; https://www.f5.com/labs/articles/threat-intelligence/continued-scanning-for-cve-2023-1389
No detection rules found.
Nuclei
Umbraco <7.4.0- Server-Side Request Forgery
nuclei·CVSS 8.2
CVE-2015-8813 [HIGH] Umbraco <7.4.0- Server-Side Request Forgery
Umbraco before version 7.4.0 contains a server-side request forgery vulnerability in feedproxy.aspx that allows attackers to send arbitrary HTTP GET requests via http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index.
Template:
```yaml
id: CVE-2015-8813

info:
  name: Umbraco <7.4.0- Server-Side Request Forgery
  author: emadshanab
  severity: high
  description: Umbraco before version 7.4.0 contains a server-side request forgery vulnerability in feedproxy.aspx that allows attackers to send arbitrary HTTP GET requests via http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index.
  impact: |
    The vulnerability can result in unauthorized access to sensitive information or systems, leading to potential data breaches or further exploitation.
  reme
```