CVE-2023-43795

HIGH EXPLOITED NUCLEI

GeoServer WPS <2.22.5 and <2.23.2 - Server-Side Request Forgery

Title source: manual

Exploitation Summary

CVE-2023-43795 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. This vulnerability has been patched in version 2.22.5 and 2.23.2.

Nuclei Templates (1)

GeoServer WPS - Server Side Request Forgery

CRITICALVERIFIEDby DhiyaneshDK

Shodan: title:"GeoServer" || http.title:"geoserver"

FOFA: app="GeoServer" || app="geoserver" || title="geoserver"

References (1)

Core 1

Core References

Mitigation, Vendor Advisory x_refsource_confirm

https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956

Scores

CVSS v3 8.6

EPSS 0.6772

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

VulnCheck KEV 2024-07-22

CWE

CWE-918

Status published

Products (2)

org.geoserver.extension/gs-wps-core 0 - 2.22.5Maven

osgeo/geoserver < 2.22.5

Published Oct 25, 2023

Tracked Since Feb 18, 2026