CVE-2023-48023
Published 2023-11-28
Priority: P2 (70) · CVSS 3.1: 9.1 (critical)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:N
Exploit: EPSS 35.05% (98.2nd percentile)
Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| anyscale | ray | — | — |
| anyscale | ray | — | — |
| anyscale | ray | >= 0 < 2.8.1 | 2.8.1 |
| ray-project | ray-project_ray | unspecified – latest | — |
Detection & IOCs (extracted from sources)
- url: /log_proxy?url=http://{{interactsh-url}}
- port: 8265
- other: http.favicon.hash:463802404
- other: icon_hash=463802404
- Detect SSRF exploitation attempts by monitoring GET requests to the /log_proxy endpoint with a 'url' parameter containing arbitrary HTTP/HTTPS URLs, particularly targeting internal metadata services (e.g., AWS IMDSv1).
- Hunt for Ray Dashboard instances exposed on port 8265 binding to 0.0.0.0, which indicates misconfigured deployments vulnerable to unauthenticated SSRF exploitation.
- Use Shodan query 'http.favicon.hash:463802404' or FOFA query 'icon_hash=463802404' to identify publicly exposed Ray Dashboard instances for asset discovery and exposure assessment.
- Monitor for exploitation of the SSRF to retrieve AWS IAM credentials via the AWS metadata API endpoint, which is a known post-exploitation objective for this CVE.
- Alert on DNS interactions originating from Ray Dashboard processes to out-of-band callback infrastructure, as the Nuclei template uses interactsh DNS callbacks to confirm SSRF.
- The SSRF is exploitable without any authentication, requiring only network connectivity to the Ray Dashboard port (8265 by default); no credentials or prior access are needed.
CVSS provenance
- NVD (v3.1): 9.1 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Red Hat (vendor): 9.8 CRITICAL
GHSA
GHSA-3xqf-mvhg-35j8: Anyscale Ray 2
ghsa_unreviewed · 2023-11-28
CVE-2023-48023 [CRITICAL] CWE-918
Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment
GHSA
Ray Missing Authorization vulnerability
ghsa · 2023-11-16
CVE-2023-6020 [CRITICAL] CWE-598
LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. The Ray maintainers' response can be found here: https://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023
GHSA
Ray Path Traversal vulnerability
ghsa · 2023-11-16
CVE-2023-6021 [CRITICAL] CWE-22
LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. The Ray maintainers' response can be found here: https://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023
OSV
Ray Path Traversal vulnerability
osv · 2023-11-16
CVE-2023-6021 [CRITICAL] (same advisory text as the GHSA entry above)
OSV
Ray Missing Authorization vulnerability
osv · 2023-11-16
CVE-2023-6020 [CRITICAL] (same advisory text as the GHSA entry above)
Red Hat
ray: Ray Dashboard Command Injection
vendor_redhat · 2025-08-07 · CVSS 9.8
CVE-2023-6019 [CRITICAL] CWE-78
A command injection existed in Ray's cpu_profile URL parameter, allowing attackers to execute OS commands on the system running the Ray dashboard remotely without authentication. The issue is fixed in version 2.8.1+. The Ray maintainers' response can be found here: https://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023
A flaw was found in ray. The `cpu_profile` URL parameter allows for command injection, enabling a remote, unauthenticated attacker to execute arbitrary operating system commands on the system hosting the Ray dashboard. This exploitation occurs directly through a crafted URL. Successful command execution can lead to significant system compromise.
Statement: No Red Hat products
No detection rules found.
Nuclei
Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery
nuclei · CVSS 9.1
CVE-2023-48023 [CRITICAL]
The Ray Dashboard API is affected by a Server-Side Request Forgery (SSRF) vulnerability in the url parameter of the /log_proxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as valid.
Template (as captured; the text is cut off after the impact field):
```yaml
id: CVE-2023-48023

info:
  name: Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery
  author: cookiehanhoan,harryha
  severity: critical
  description: |
    The Ray Dashboard API is affected by a Server-Side Request Forgery (SSRF) vulnerability in the url parameter of the /log_proxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as valid.
  impact: |
    The issue is ex
```
Bleepingcomputer
Hackers exploit Ray framework flaw to breach servers, hijack resources
blogs_bleepingcomputer · 2024-03-26 · CVSS 9.8
CVE-2023-6019 [CRITICAL]
## Hackers exploit Ray framework flaw to breach servers, hijack resources
By Bill Toulas
The framework boasts over 30,500 stars on GitHub, and it is used by many organizations worldwide, including Amazon, Spotify, LinkedIn, Instacart, Netflix, Uber, and OpenAI, which uses it for training ChatGPT.
## Active exploitation underway
In November 2023, Anyscale disclosed five Ray vulnerabilities, fixing four tracked as CVE-2023-6019, CVE-2023-6020, CVE-2023-6021, and CVE-2023-48023.
However, the fifth bug, a critical remote code execution flaw tracked as CVE-2023-48022, was not fixed because, according to them, its lack of authentication was a long-standing design decision.
"The remaining CVE (CVE-2023-48022) - that Ray does not have authentication built in - is a long-standing design d
GreyNoise
NoiseLetter October 2025
blogs_greynoiseio