CVE-2021-40822

HIGH EXPLOITED NUCLEI LAB

GeoServer <2.19.2 - SSRF

Title source: llm

Description

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host.

Exploits (1)

nomisec SCANNER 2 stars
by phor3nsic · remote
https://github.com/phor3nsic/CVE-2021-40822

Nuclei Templates (1)

Geoserver - Server-Side Request Forgery
HIGH VERIFIED by For3stCo1d, aringo-bf
Shodan: title:"GeoServer" || http.title:"geoserver"
FOFA: app="GeoServer" || app="geoserver" || title="geoserver"

Scores

CVSS v3 7.5
EPSS 0.9325
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Lab Environment

Community Lab
docker pull geonode/geoserver

Details

VulnCheck KEV 2024-01-22
CWE CWE-918
Status published
Products (2)
org.geoserver/gs-main 0 Maven
osgeo/geoserver < 2.18.5
Published May 02, 2022
Tracked Since Feb 18, 2026