CVE-2024-25738
Published: 2024-05-22
Priority: P258, severity: critical, CVSS 3.1 score: 9.1
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS: 0.68% (47.8th percentile)
A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain access to the administrator panel and achieve Remote Code Execution. A mitigating factor is that it requires the allow_url_include PHP runtime setting to be on, which is off in default installations. It also requires the /Upgrade route to be exposed, which is exposed by default after installing VuFind, and is recommended to be disabled by setting autoConfigure to false in config.ini.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vufind | vufind | >= 2.0 < 9.1.1 | 9.1.1 |
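The advisory names three preconditions: an affected version, an enabled /Upgrade route, and allow_url_include switched on. The audit below checks them for one host. It is an added example, not code from VuFind or from the advisory. The function names, the simplified INI parsing, the constructed sample files and the handling of a missing autoConfigure key are assumptions.

```python
import re

FIRST_AFFECTED, FIXED = (2, 0), (9, 1, 1)  # range from the advisory: >= 2.0, < 9.1.1

def parse_ini(text):
    """Simplified INI reader (assumption: scalar keys only; ';' starts a comment)."""
    values = {}
    for line in text.splitlines():
        m = re.match(r"^([A-Za-z_][\w.]*)\s*=\s*(.*)$", line.split(";", 1)[0].strip())
        if m:
            values[m.group(1).lower()] = m.group(2).strip().strip("\"'").lower()
    return values

def is_on(value):
    return value in ("1", "on", "true", "yes")

def version_tuple(version):
    return tuple(int(p) for p in re.findall(r"\d+", version)[:3])

def assess(version, vufind_config_ini, php_ini):
    """Report which of the advisory's three preconditions hold on one host."""
    vufind, php = parse_ini(vufind_config_ini), parse_ini(php_ini)
    result = {
        "affected_version": FIRST_AFFECTED <= version_tuple(version) < FIXED,
        # Assumption: a missing autoConfigure key is treated as enabled, since the
        # advisory says the /Upgrade route is exposed by default after install.
        "upgrade_route_enabled": is_on(vufind.get("autoconfigure", "true")),
        # PHP ships with allow_url_include off, so a missing key counts as off.
        "allow_url_include": is_on(php.get("allow_url_include", "0")),
    }
    result["exposed"] = all(result.values())
    result["actions"] = [msg for key, msg in (
        ("affected_version", "upgrade VuFind to 9.1.1 or later"),
        ("upgrade_route_enabled", "set autoConfigure = false in config.ini"),
        ("allow_url_include", "set allow_url_include = Off in php.ini"),
    ) if result[key]]
    return result

# Constructed sample files, not taken from a real deployment.
VUFIND_DEFAULT = "[System]\navailable = true\nautoConfigure = true\n"
VUFIND_HARDENED = "[System]\nautoConfigure = false ; /Upgrade disabled\n"
PHP_RISKY = "[PHP]\nallow_url_fopen = On\nallow_url_include = On\n"
PHP_DEFAULT = "[PHP]\n; allow_url_include left at its default\n"

if __name__ == "__main__":
    for label, args in (("risky", ("9.1", VUFIND_DEFAULT, PHP_RISKY)),
                        ("hardened", ("9.1", VUFIND_HARDENED, PHP_DEFAULT))):
        print(label, assess(*args))
```

A host is reported as exposed only when all three conditions hold. The actions list still names each condition that remains true, so a partially hardened host keeps its outstanding items.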
GHSA
VuFind Server-Side Request Forgery (SSRF) vulnerability
ghsa·2024-05-22
CVE-2024-25738 [CRITICAL] CWE-918 VuFind Server-Side Request Forgery (SSRF) vulnerability
OSV
VuFind Server-Side Request Forgery (SSRF) vulnerability
osv·2024-05-22
CVE-2024-25738 [CRITICAL] VuFind Server-Side Request Forgery (SSRF) vulnerability
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.