CVE-2026-47170
HIGH
Garlic-Hub < 1.1 - Authenticated Server-Side Request Forgery via uploadFromUrl
Title source: manual
Description
Garlic-Hub manages a digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary HTTP requests to internal services via the uploadFromUrl endpoint. This allows internal port scanning, service fingerprinting, and retrieval of internal HTTP responses, which are stored in the publicly accessible media pool. This issue has been patched in version 1.1.
References (2)
x_refsource_confirm: https://github.com/garlic-signage/garlic-hub/security/advisories/GHSA-x24v-76hr-989r
x_refsource_misc: https://github.com/garlic-signage/garlic-hub/commit/076b6d70a43d9641c35cbd8042353b473e3241f5
Scores
CVSS v3
7.7
EPSS
0.0021
EPSS Percentile
10.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-918
Status
published
Products (1)
garlic-signage/garlic-hub
< 1.1
Published
Jun 11, 2026
Tracked Since
Jun 12, 2026