cbcvebase.
CVE-2024-29030
published 2024-04-19


Priority: P278 · Severity: medium 5.3 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:L / I:N / A:N
ITW exploit · VulnCheck KEV · Exploited in the wild
EPSS: 1.14% (62.5th percentile)
memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /api/resource that allows authenticated users to enumerate the internal network. Version 0.22.0 of memos removes the vulnerable file.

Affected (3 ranges)

Vendor       Product          Version range          Fixed in
github.com   usememos_memos   >= 0, < 0.22.0         0.22.0
usememos     memos            < 0.22.0               0.22.0
usememos     memos            >= 0.13.2, < 0.22.0    0.22.0

Detection & IOCs (extracted from sources)

url:  /api/resource
path: /o/get/resource?url=https://{{interactsh-url}}
  • SSRF is triggered via a GET request to /o/get/resource with an external URL parameter; detect it by monitoring outbound DNS/HTTP requests originating from the server that follow requests to this endpoint.
  • Authenticated users can abuse the /api/resource endpoint to perform SSRF and enumerate internal network hosts.
  • The vulnerability is present in Memos version 0.13.2 and is removed in version 0.22.0; ensure version fingerprinting is part of detection triage.
  • Exploitation requires authentication; unauthenticated scanning will not trigger the vulnerability.
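Added example, not code from this advisory or the memos project: a small detector that walks web-server access-log lines for requests to the two endpoints named above, pulls out the url= fetch target and flags targets that point at private, loopback or link-local addresses, which is the internal-enumeration pattern the advisory describes. The combined log format, the field layout and the sample lines are assumptions constructed for the example.

```python
"""Flag SSRF-style use of the memos resource-fetch endpoints in access logs."""
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Endpoints named in the advisory; the url= query parameter is the fetch target.
WATCHED_PATHS = ("/o/get/resource", "/api/resource")
# Assumed combined-style log line: client ident user [time] "METHOD target HTTP/x" status ...
REQ_RE = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')

def classify_target(url: str) -> str:
    """Return 'internal', 'external' or 'invalid' for a fetch target URL."""
    parts = urlsplit(url)
    host = parts.hostname
    if parts.scheme not in ("http", "https") or not host:
        return "invalid"
    if host == "localhost":
        return "internal"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # A hostname (e.g. an out-of-band callback domain). No DNS lookup is
        # done so the check runs offline; resolve and re-classify if you need to.
        return "external"
    if ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved:
        return "internal"
    return "external"

def scan_access_log(lines):
    """Return (client, user, target, classification, status) for each watched request."""
    hits = []
    for line in lines:
        m = REQ_RE.match(line)
        if not m:
            continue
        client, user, _ts, request, status = m.groups()
        req = urlsplit(request)
        if req.path.rstrip("/") not in WATCHED_PATHS:
            continue
        # parse_qs also percent-decodes, so url=http%3A%2F%2F... is handled.
        for target in parse_qs(req.query).get("url", []):
            hits.append((client, user, target, classify_target(target), status))
    return hits

SAMPLE_LOG = [  # constructed lines, not real traffic
    '203.0.113.7 - alice [19/Apr/2024:10:00:01 +0000] "GET /o/get/resource?url=http://10.0.0.5:8080/ HTTP/1.1" 200 512',
    '203.0.113.7 - alice [19/Apr/2024:10:00:02 +0000] "GET /o/get/resource?url=http://127.0.0.1:5432/ HTTP/1.1" 200 99',
    '198.51.100.9 - bob [19/Apr/2024:10:00:03 +0000] "GET /api/resource?url=https://cdn.example.org/a.png HTTP/1.1" 200 4096',
    '198.51.100.9 - bob [19/Apr/2024:10:00:04 +0000] "GET /api/memo HTTP/1.1" 200 77',
]

if __name__ == "__main__":
    for client, user, target, kind, status in scan_access_log(SAMPLE_LOG):
        print(f"{kind:8} {user:8} {client:15} {status} {target}")
```

Pair the 'internal' hits with egress-firewall or DNS logs from the memos host in the same time window to confirm the server actually made the outbound request, as the first bullet above suggests.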

CVSS provenance

NVD (CVSS v3.1): 5.3 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
VulnCheck: 5.8 MEDIUM
Note that the NVD vector records PR:N (no privileges required), while the description and detection notes above state that exploitation requires an authenticated user.