CVE-2021-46107
published 2022-03-17

Priority: P2 (58, high) · CVSS 3.1 score: 7.5
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
Exploit: available
EPSS: 7.41% (93.7th percentile)
Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features.

Affected (1 range)

Vendor          Product        Version range   Fixed in
ligeo-archives  ligeo_basics

Detection & IOCs (extracted from sources)

url: /archive/download?file=file:///etc/passwd
url: /archive/download?file=http://{{interactsh-url}}/
path: /archive/download
  • Detect SSRF exploitation attempts against the /archive/download endpoint by matching requests containing the 'file=' parameter with file:// or http:// schemes.
  • Confirm target is a Ligeo Archives instance by checking the response body for the string 'Ligeo Archives' before flagging exploitation.
  • Use out-of-band (OOB) HTTP callback detection (e.g., interactsh) to identify blind SSRF via the file= parameter pointing to an external URL.
  • Fingerprint exposed Ligeo instances via Shodan/FOFA using title-based queries before probing for the vulnerability.
  • The vulnerability is confirmed present only in Ligeo Basics as of version 02_01-2022; verify the application version before acting on detections.
  • The nuclei template requires 3 sequential HTTP requests; the first request is used solely to confirm the 'Ligeo Archives' fingerprint in the response body before the SSRF payloads are evaluated.

CVSS provenance

NVD (CVSS v3.1): 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
NVD (CVSS v2.0): 5.0 MEDIUM, AV:N/AC:L/Au:N/C:P/I:N/A:N