CVE-2022-1213
published 2022-04-05CVE-2022-1213: SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary…
PriorityP345high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
EPSS
0.57%
42.9th percentile
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| livehelperchat | live_helper_chat | < 3.97 | 3.97 |
| remdex | livehelperchat | >= 0 < 3.67 | 3.67 |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
nvdv3.07.7HIGHCVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
nvdv2.05.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:N
ghsa8.1HIGH
osv8.1HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Server side request forgery in LiveHelperChat
ghsa·2022-04-06·CVSS 8.1
CVE-2022-1213 [HIGH] CWE-918 Server side request forgery in LiveHelperChat
Server side request forgery in LiveHelperChat
SSRF filter bypass port 80, 433 in LiveHelperChat prior to v3.67. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191
OSV
Server side request forgery in LiveHelperChat
osv·2022-04-06·CVSS 8.1
CVE-2022-1213 [HIGH] Server side request forgery in LiveHelperChat
Server side request forgery in LiveHelperChat
SSRF filter bypass port 80, 433 in LiveHelperChat prior to v3.67. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/livehelperchat/livehelperchat/commit/abc9599ee7aded466ca216741dcaea533c908111https://huntr.dev/bounties/084387f6-5b9c-4017-baa2-5fcf65b051e1https://github.com/livehelperchat/livehelperchat/commit/abc9599ee7aded466ca216741dcaea533c908111https://huntr.dev/bounties/084387f6-5b9c-4017-baa2-5fcf65b051e1
2022-04-05
Published