CVE-2022-24789
published 2022-03-28CVE-2022-24789: C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery…
PriorityP346high7.6CVSS 3.1
AVNACLPRLUINSUCLILAH
EPSS
0.73%
49.8th percentile
C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also truncate arbitrary files to zero size (effectively delete them) leading to denial of service (DoS) or altering application logic. The authenticated user may unknowingly perform the actions by visiting a specially crafted site. Patched in C1 CMS v6.12, no known workarounds exist.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| orckestra | c1-cms-foundation | < 6.12 | 6.12 |
| orckestra | c1_cms | < 6.12 | 6.12 |
CVSS provenance
nvdv3.17.6HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Server side request forgery in C1 CMS
osv·2022-03-30
CVE-2022-24789 [HIGH] Server side request forgery in C1 CMS
Server side request forgery in C1 CMS
C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also truncate arbitrary files to zero size (effectively delete them) leading to denial of service (DoS) or altering application logic. The authenticated user may unknowingly perform the actions by visiting a specially crafted site. Patched in C1 CMS v6.12, no known workarounds exist.
GHSA
Server side request forgery in C1 CMS
ghsa·2022-03-30
CVE-2022-24789 [HIGH] CWE-918 Server side request forgery in C1 CMS
Server side request forgery in C1 CMS
C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also truncate arbitrary files to zero size (effectively delete them) leading to denial of service (DoS) or altering application logic. The authenticated user may unknowingly perform the actions by visiting a specially crafted site. Patched in C1 CMS v6.12, no known workarounds exist.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/Orckestra/C1-CMS-Foundation/releases/tag/v6.12https://github.com/Orckestra/C1-CMS-Foundation/security/advisories/GHSA-j9c2-gr6m-pp45https://github.com/Orckestra/C1-CMS-Foundation/releases/tag/v6.12https://github.com/Orckestra/C1-CMS-Foundation/security/advisories/GHSA-j9c2-gr6m-pp45
2022-03-28
Published