CVE-2016-4029 — Server-Side Request Forgery in Wordpress

CWE-918 — Server-Side Request Forgery CWE-285 — Improper Authorization CWE-1389 — Incorrect Parsing of Numbers with Different Radices CWE-1286 — Improper Validation of Syntactic Correctness of Input8 documents6 sources

Severity

8.6HIGHNVD

EPSS

1.4%

top 19.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wordpress Debian Wordpress Debian Linux

Timeline

PublishedAug 7

Latest updateMay 17

Description

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages3 packages

▶debiandebian/wordpress< wordpress 4.5+dfsg-1 (bookworm)

▶NVDwordpress/wordpress< 4.5

▶Debianwordpress/wordpress< 4.5+dfsg-1+3

Also affects: Debian Linux 8.0

Patches

Patch: core.trac.wordpress.org ↗Patch: core.trac.wordpress.org ↗

🔴Vulnerability Details

GHSA

GHSA-j2rp-vprg-5m9q: WordPress before 4↗2022-05-17

▶

OSV

CVE-2016-4029: WordPress before 4↗2016-08-07

▶

📋Vendor Advisories

Debian

CVE-2016-4029: wordpress - WordPress before 4.5 does not consider octal and hexadecimal IP address formats ...↗2016

▶

📐Framework References

CWE

Incorrect Parsing of Numbers with Different Radices↗

▶

CWE

Server-Side Request Forgery (SSRF)↗

▶

CWE

Improper Validation of Syntactic Correctness of Input↗

▶

💬Community

Bugzilla

CVE-2016-4029 CVE-2016-6634 CVE-2016-6635 wordpress: 4.5 release security fixes↗2016-08-08

▶