CVE-2021-46107

HIGH NUCLEI

Ligeo Archives Ligeo Basics - SSRF

Title source: llm

Description

Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features.

Nuclei Templates (1)

Ligeo Archives Ligeo Basics - Server Side Request Forgery

HIGHVERIFIEDby ritikchaddha

Shodan: title:"Ligeo" || http.title:"ligeo"

FOFA: title="Ligeo" || title="ligeo"

References (2)

[Third Party Advisory] https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/

[Exploit, Third Party Advisory] https://raw.githubusercontent.com/Orange-Cyberdefense/CVE-repository/master/PoCs/POC_CVE-2021-46107.py

Scores

CVSS v3 7.5

EPSS 0.6276

EPSS Percentile 98.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-918

Status published

Products (1)

ligeo-archives/ligeo_basics 02_01-2022

Published Mar 17, 2022

Tracked Since Feb 18, 2026