CVE-2023-25753

MEDIUM

Apache ShenYu 2.5.1 - Server-Side Request Forgery via /sandbox/proxyGateway requestUrl Parameter

Title source: llm

Description

There exists an SSRF (Server-Side Request Forgery) vulnerability located at the /sandbox/proxyGateway endpoint. This vulnerability allows us to manipulate arbitrary requests and retrieve corresponding responses by inputting any URL into the requestUrl parameter. Of particular concern is our ability to exert control over the HTTP method, cookies, IP address, and headers. This effectively grants us the capability to dispatch complete HTTP requests to hosts of our choosing. This issue affects Apache ShenYu: 2.5.1. Upgrade to Apache ShenYu 2.6.0 or apply patch https://github.com/apache/shenyu/pull/4776.

References (1)

Mailing List, Vendor Advisory (vendor-advisory)
https://lists.apache.org/thread/chprswxvb22z35vnoxv9tt3zknsm977d

Scores

CVSS v3 6.5
EPSS 0.0075
EPSS Percentile 73.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-918
Status published
Products (3)
apache/shenyu 2.5.1
org.apache.shenyu/shenyu-admin 0 - 2.6.0 (Maven)
org.apache.shenyu/shenyu-common 0 - 2.6.0 (Maven)
Published Oct 19, 2023
Tracked Since Feb 18, 2026