CVE-2022-23556
Published 2022-12-22
Priority: P3 38 | Severity: high | CVSS 3.1: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS: 0.37% (29.1th percentile)
CodeIgniter is a PHP full-stack web framework. This vulnerability may allow attackers to spoof their IP address when the server is behind a reverse proxy. This issue has been patched, please upgrade to version 4.2.11 or later, and configure `Config\App::$proxyIPs`. As a workaround, do not use `$request->getIPAddress()`.
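An added configuration example (not taken from the advisory or from the CodeIgniter project) of what configuring `Config\App::$proxyIPs` looks like after upgrading. It uses the array format of v4.2.11 and later, where each key is a proxy address or subnet and each value is the header that proxy sets. The addresses and header choices are constructed placeholders.

```php
<?php
// app/Config/App.php (excerpt; other settings omitted)

namespace Config;

use CodeIgniter\Config\BaseConfig;

class App extends BaseConfig
{
    /**
     * Reverse proxies that are allowed to supply the client address.
     *
     * Key:   the proxy's own IP address or CIDR subnet, as seen in REMOTE_ADDR.
     * Value: the request header that this proxy sets with the client address.
     *
     * $request->getIPAddress() reads the header only when the connection
     * comes from one of these keys; for any other peer it returns the
     * connecting address and ignores forwarding headers sent by the client.
     *
     * The addresses below are constructed placeholders. List only the
     * addresses of proxies you operate. A catch-all range would treat
     * every client as a trusted proxy and bring the spoofing issue back.
     */
    public $proxyIPs = [
        '10.0.1.200'     => 'X-Forwarded-For', // single load balancer
        '192.168.5.0/24' => 'X-Real-IP',       // proxy subnet
    ];
}
```

The header named for each proxy should be one the proxy itself writes on every request, so that a value supplied by the client cannot reach the application unchanged.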
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codeigniter | codeigniter | >= 4.0.0 < 4.2.11 | 4.2.11 |
| codeigniter4 | codeigniter4 | < 4.2.11 | 4.2.11 |
| codeigniter4 | framework | >= 0 < 4.2.11 | 4.2.11 |
GHSA
CodeIgniter4 allows spoofing of IP address when using proxy
ghsa·2022-12-22
CVE-2022-23556 [HIGH] CWE-345 CodeIgniter4 allows spoofing of IP address when using proxy
### Impact
This vulnerability may allow attackers to spoof their IP address when your server is behind a reverse proxy.
### Patches
Upgrade to v4.2.11 or later, and configure `Config\App::$proxyIPs`.
### Workarounds
Do not use `$request->getIPAddress()`.
### References
- https://codeigniter4.github.io/userguide/incoming/request.html#CodeIgniter\HTTP\Request::getIPAddress
### For more information
If you have any questions or comments about this advisory:
* Open an issue in [codeigniter4/CodeIgniter4](https://github.com/codeigniter4/CodeIgniter4/issues)
* Email us at [SECURITY.md](https://github.com/codeigniter4/CodeIgniter4/blob/develop/SECURITY.md)
OSV
CodeIgniter4 allows spoofing of IP address when using proxy
osv·2022-12-22
CVE-2022-23556 [HIGH] CodeIgniter4 allows spoofing of IP address when using proxy
- https://github.com/codeigniter4/CodeIgniter4/commit/5ca8c99b2db09a2a08a013836628028ddc984659
- https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-ghw3-5qvm-3mqc
Published: 2022-12-22