CVE-2023-30019
Published 2023-05-08
Priority P337 · medium · 5.3 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploit likelihood (EPSS): 2.21% (80.4th percentile)
imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| evilmartians | imgproxy | <= 3.14.0 | — |
| github.com | imgproxy_imgproxy_v3 | >= 0 < 3.15.0 | 3.15.0 |
Detection & IOCs (extracted from sources)
- Send a GET request to the imgproxy path pattern /111/rs:fit:400:400:0:0/plain/http://<oast-url> and look for an HTTP 422 response status combined with the string 'Invalid source image' in the response body; this confirms the SSRF probe was processed.
- Identify exposed imgproxy instances via Shodan using the banner 'Server: imgproxy' or 'server: imgproxy'.
- The SSRF is triggered via the unsanitized imageURL parameter embedded in the plain/ path segment of imgproxy requests.
- The exploit path uses an OAST/interactsh callback URL to confirm out-of-band SSRF; a DNS/HTTP interaction callback is required to confirm exploitation in blind scenarios.
- The vulnerability affects imgproxy versions up to and including 3.14.0 only.
OSV (2024-08-20)
CVE-2023-30019: imgproxy is vulnerable to Server-Side Request Forgery in github.com/imgproxy/imgproxy
GHSA (2023-05-08) · MEDIUM · CWE-918
CVE-2023-30019: imgproxy is vulnerable to Server-Side Request Forgery
imgproxy prior to version 3.15.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
OSV (2023-05-08) · MEDIUM
CVE-2023-30019: imgproxy is vulnerable to Server-Side Request Forgery
imgproxy prior to version 3.15.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
No detection rules found.
Nuclei · MEDIUM · CVSS 5.3
CVE-2023-30019: Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)
imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
Template (as indexed; the reference list is cut off in the source):

```yaml
id: CVE-2023-30019

info:
  name: Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)
  author: DhiyaneshDK
  severity: medium
  description: |
    imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to internal resources, data leakage, and potential remote code execution.
  remediation: |
    Upgrade to a version of Imgproxy that is not affected by this vulnerability.
  reference:
    - https://breakandpray.com/cve-2023-30019-ssrf-in-imgproxy/
    - https://gi
```
No writeups or analysis indexed.
Published: 2023-05-08