CVE-2022-40083
CRITICAL NUCLEILabstack Echo < 4.9.0 - Open Redirect via Static Handler
Title source: llmExploitation Summary
CVE-2022-40083 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery (SSRF).
Nuclei Templates (1)
Labstack Echo 4.8.0 - Open Redirect
CRITICALby pdteam
References (1)
Core 1
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/labstack/echo/issues/2259
Scores
CVSS v3
9.6
EPSS
0.0231
EPSS Percentile
81.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-601
Status
published
Products (2)
labstack/echo
4.8.0
labstack/echo
0 - 4.9.0Go
Published
Sep 28, 2022
Tracked Since
Feb 18, 2026