CVE-2018-1999017
Severity: MEDIUM
Pydio < 8.2.0 - Authenticated Server-Side Request Forgery via Upgrade Engine
Title source: llmDescription
Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php (line 154, getUpgradePath($url)) that allows an authenticated admin user to make the server request arbitrary URLs, pivoting requests through the server. Exploitation requires access to an administrative account: the attacker enters a URL into the Upgrade Engine and then reloads the page or presses "Check Now". This vulnerability appears to have been fixed in 8.2.1.
References (2)
- Exploit, Third Party Advisory: https://www.mike-gualtieri.com/files/Pydio-8-VulnerabilityDisclosure-Jul18.txt
- Patch, Release Notes, Vendor Advisory: https://pydio.com/en/community/releases/pydio-core/pydio-821-security-release
Scores
CVSS v3: 4.9
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector: NETWORK
EPSS: 0.0097
EPSS Percentile: 57.6%
Details
CWE: CWE-918
Status: published
Products (1): pydio/pydio < 8.2.0
Published: Jul 23, 2018
Tracked Since: Feb 18, 2026