CVE-2017-18638
HIGH NUCLEIGraphite < 1.1.5 - Server-Side Request Forgery via Email Composer
Title source: llmExploitation Summary
CVE-2017-18638 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.
Nuclei Templates (1)
Graphite <=1.1.5 - Server-Side Request Forgery
HIGHby huowuzhao
References (6)
Core 6
Core References
Broken Link x_refsource_misc
https://github.com/graphite-project/graphite-web/security/advisories/GHSA-vfj6-275q-4pvm
Third Party Advisory x_refsource_misc
https://github.com/graphite-project/graphite-web/issues/2008
Exploit, Mitigation, Third Party Advisory x_refsource_misc
https://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html#second-bug-internal-graphite-ssrf
Exploit, Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=ds4Gp4xoaeA
Third Party Advisory x_refsource_misc
https://github.com/graphite-project/graphite-web/pull/2499
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/10/msg00030.html
Scores
CVSS v3
7.5
EPSS
0.1695
EPSS Percentile
96.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-918
Status
published
Products (2)
graphite_project/graphite
< 1.1.5
pypi/graphite-web
0 - 1.1.6PyPI
Published
Oct 11, 2019
Tracked Since
Feb 18, 2026