CVE-2022-45835
Published 2023-11-13
CVE-2022-45835: Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions. This issue affects PhonePe Payment Solutions: from n/a through 1.0.15.
Priority: P2 · 77 · high · 7.5 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
Flags: ITW · Exploit · VulnCheck KEV
Exploited in the wild
EPSS: 37.67% (98.3th percentile)
Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions. This issue affects PhonePe Payment Solutions: from n/a through 1.0.15.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phonepe | phonepe | <= 1.0.15 | — |
| phonepe | phonepe_payment_solutions | n/a – 1.0.15 | — |
Detection & IOCs (extracted from sources)
- Look for GET requests containing the query parameter 'phonepe_action=curltestPhonePe' combined with a 'url=' parameter pointing to an external/arbitrary domain; this is the SSRF trigger endpoint.
- A successful SSRF exploitation response will contain the string 'cURL Test for PhonePe' in the HTTP response body with a 200 status code.
- Monitor for out-of-band HTTP callbacks (OAST/interactsh) triggered by the server after receiving a request to the curltestPhonePe action, indicating successful SSRF.
- The SSRF endpoint is unauthenticated (unauth): no credentials or session are required to trigger the vulnerability, making it exploitable by any remote attacker.
- Affected versions are PhonePe Payment Solutions 1.0.15 and below; the fix was introduced in version 2.0.0. Ensure detection rules are scoped to installations running versions up to and including 1.0.15.
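The first IOC above, turned into an access-log check, as an added example (not code from the page, the plugin, or the Nuclei template author). It assumes combined-format access logs, a per-deployment `SITE_HOSTS` set of hostnames the site legitimately calls itself, and constructed sample lines with documentation-range addresses.

```python
"""Flag CVE-2022-45835 SSRF probes (phonepe_action=curltestPhonePe + external url=) in access logs."""
import re
from typing import List, Optional, Tuple
from urllib.parse import parse_qs, urlsplit

# Hostnames the site may legitimately fetch from itself (assumption; adjust per deployment).
SITE_HOSTS = {"shop.example.com"}

# Apache/nginx "combined" request line: ip ident user [ts] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

def classify_request(target: str) -> Optional[str]:
    """Return a finding label for one request target, or None when it is not the trigger."""
    qs = parse_qs(urlsplit(target).query)          # parse_qs already percent-decodes values
    if "curltestPhonePe" not in qs.get("phonepe_action", []):
        return None
    if "url" not in qs:
        return "curltestPhonePe action without url (probe)"
    host = (urlsplit(qs["url"][0]).hostname or "").lower()
    if host and host not in SITE_HOSTS:
        return f"SSRF trigger: server asked to fetch external host {host}"
    return "curltestPhonePe action with same-site url (review)"

def scan_log(lines: List[str]) -> List[Tuple[str, int, str]]:
    """Return (client_ip, status, label) for each line that matches the trigger pattern."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        label = classify_request(m["target"])
        if label:
            # A 200 to the trigger means the endpoint answered; pair with the body IOC if available.
            findings.append((m["ip"], int(m["status"]), label))
    return findings

SAMPLE_LOG = [  # constructed sample lines, not real traffic
    '203.0.113.5 - - [05/Dec/2024:10:01:02 +0000] "GET /?phonepe_action=curltestPhonePe'
    '&url=http%3A%2F%2Foast.example.net%2Fx HTTP/1.1" 200 512',
    '198.51.100.9 - - [05/Dec/2024:10:02:03 +0000] "GET /wp-login.php HTTP/1.1" 200 2048',
    '203.0.113.5 - - [05/Dec/2024:10:03:04 +0000] "GET /?phonepe_action=curltestPhonePe HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for ip, status, label in scan_log(SAMPLE_LOG):
        print(ip, status, label)
```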
CVSS provenance
NVD (v3.1): 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
VulnCheck: 5.8 MEDIUM
GHSA
GHSA-5qhh-783c-vpmm (ghsa_unreviewed · 2023-11-13): CVE-2022-45835 [MEDIUM] CWE-918, Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions
Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions. This issue affects PhonePe Payment Solutions: from n/a through 1.0.15.
VulnCheck
CVE-2022-45835 [MEDIUM] phonepe phonepe Server-Side Request Forgery (SSRF) (vulncheck · 2022 · CVSS 5.8)
Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions. This issue affects PhonePe Payment Solutions: from n/a through 1.0.15.
Affected: phonepe phonepe
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-12-05&host_type=src&vulnerability=cve-2022-45835; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-12-06&host_type=src&vulnerability=cve-2022-45835; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-12-11&host_type=src&vulnerabilit
No detection rules found.
Nuclei
CVE-2022-45835 [HIGH] WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery (nuclei · CVSS 7.5)
WordPress PhonePe Payment Solutions plugin through 1.0.15 is susceptible to server-side request forgery. An attacker can cause a website to execute website requests to an arbitrary domain, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
Template (as published; the description is cut off in the source):

```yaml
id: CVE-2022-45835
info:
  name: WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery
  author: theamanrawat
  severity: high
  description: |
    WordPress PhonePe Payment Solutions plugin through 1.0.15 is susceptible to server-side request forgery. An attacker can cause a website to execute website requests to an arbitrary domain, thereby maki
```
Reference: https://patchstack.com/database/vulnerability/phonepe-payment-solutions/wordpress-phonepe-payment-solutions-plugin-1-0-15-server-side-request-forgery-ssrf?_s_id=cve