Platform
python
Component
calibreweb
Fixed in
0.6.17
CVE-2022-0766 describes a server-side request forgery (SSRF) vulnerability affecting calibreweb versions up to 0.6.16. This flaw allows attackers to craft malicious requests that the application forwards to internal or external resources, potentially leading to unauthorized access and data exfiltration. The vulnerability stems from an incomplete fix for CVE-2022-0339: the address filter failed to block 0.0.0.0, which resolves to localhost. A patch is available in version 0.6.17.
The SSRF vulnerability in CalibreWeb allows an attacker to craft malicious requests that appear to originate from the server itself. This can be exploited to access internal services that are not directly exposed to the internet, such as databases, administration panels, or other internal APIs. By crafting a payload resolving to 0.0.0.0, an attacker can bypass the intended filtering and effectively make requests to localhost. This could lead to unauthorized access to sensitive data, modification of system configurations, or even remote code execution depending on the internal services accessible. The impact is particularly severe given CalibreWeb's role as an eBook server, often deployed in environments with sensitive user data.
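As an added example (not code from the calibre-web project), the Python check below shows why a string deny-list naming only localhost and 127.0.0.1 lets 0.0.0.0 through, and places beside it an address-class check of the kind a corrected fix needs: it refuses loopback, unspecified, private, link-local, reserved and multicast targets for both IPv4 and IPv6, and flags DNS names for resolution before any decision. The function names, the deny-list contents and the sample URLs are constructed for illustration and are not identifiers from the project.

```python
"""Added example: comparing an incomplete string deny-list with an
address-class check for outbound request targets (not calibre-web code)."""
import ipaddress
from urllib.parse import urlsplit

# Constructed to mirror the incomplete fix: names localhost, not 0.0.0.0.
WEAK_DENYLIST = {"localhost", "127.0.0.1"}


def host_of(url: str) -> str:
    """Return the host part of a URL; urlsplit strips IPv6 brackets."""
    host = urlsplit(url).hostname
    if host is None:
        raise ValueError(f"no host in {url!r}")
    return host


def weak_check(url: str) -> str:
    """The flawed approach: exact-string deny-list. 0.0.0.0 and ::1 pass."""
    return "blocked" if host_of(url).lower() in WEAK_DENYLIST else "allowed"


def hardened_check(url: str) -> str:
    """Reject any IP literal that points back at the server or its network.

    Returns 'blocked', 'allowed', or 'resolve-required' when the host is a
    DNS name. A real deployment must resolve such names and run the same
    address test on every returned address, since a name can map to
    0.0.0.0 or 127.0.0.1 just as a literal can (assumed workflow).
    """
    host = host_of(url)
    if host.lower() == "localhost":
        return "blocked"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "resolve-required"  # hostname, not a literal: resolve first
    # ::ffff:127.0.0.1 is IPv4 loopback wearing an IPv6 coat; unwrap it.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if (addr.is_loopback or addr.is_unspecified or addr.is_private
            or addr.is_link_local or addr.is_reserved or addr.is_multicast):
        return "blocked"
    return "allowed"


if __name__ == "__main__":
    # Constructed sample targets; 8083 is only a placeholder port here.
    for sample in ("http://0.0.0.0/", "http://127.0.0.1:8083/", "http://[::]/",
                   "http://[::1]/", "http://[::ffff:127.0.0.1]/",
                   "http://10.0.0.5/", "http://example.com/", "http://8.8.8.8/"):
        print(f"{sample:32} weak={weak_check(sample):8} hardened={hardened_check(sample)}")
```

The weak check returns "allowed" for http://0.0.0.0/ and http://[::1]/, which is exactly the gap the advisory describes; the hardened check blocks both, plus the IPv4-mapped form and private ranges such as 10.0.0.0/8 and 169.254.0.0/16.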
CVE-2022-0766 is related to CVE-2022-0339, indicating a potential pattern of incomplete security fixes. Public proof-of-concept exploits are likely to emerge given the ease of exploitation and the critical severity. At the time of writing, there is no confirmed reporting of active exploitation campaigns. The vulnerability was publicly disclosed on March 8, 2022. It is not currently listed on the CISA KEV catalog.
Organizations and individuals using calibreweb for ebook management, particularly those hosting the application internally or in shared hosting environments, are at risk. Users relying on calibreweb to manage sensitive library data or integrate with internal systems are especially vulnerable.
• linux / server: Monitor calibreweb access logs for requests containing 0.0.0.0 or other suspicious hostnames. Use journalctl -u calibreweb to check for error messages related to request forwarding.
grep '0.0.0.0' /var/log/calibreweb/access.log
• generic web: Use curl to attempt a request to calibreweb with 0.0.0.0 as the hostname and verify that it is blocked.
curl -v http://your-calibreweb-server/0.0.0.0
disclosure
patch
Exploit status
EPSS
0.29% (52nd percentile)
CVSS vector
The primary mitigation for CVE-2022-0766 is to upgrade CalibreWeb to version 0.6.17 or later, which includes the corrected blacklist implementation. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) with rules to block requests containing 0.0.0.0 or other suspicious hostnames. Additionally, restrict network access to CalibreWeb from external sources using firewall rules. Regularly review CalibreWeb's configuration to ensure that only necessary services are exposed and that access controls are properly enforced. After upgrading, confirm the fix by attempting a request to localhost through CalibreWeb and verifying that it is blocked.
Update calibre-web to version 0.6.17 or later. This version contains a fix for the SSRF vulnerability. You can update via the Python package manager (pip) or follow the update instructions provided by the vendor.
CVE-2022-0766 is a critical server-side request forgery (SSRF) vulnerability in calibreweb versions up to 0.6.16, allowing attackers to send requests to internal resources.
You are affected if you are running calibreweb version 0.6.16 or earlier. Upgrade to 0.6.17 to resolve the vulnerability.
Upgrade calibreweb to version 0.6.17 or later. As a temporary workaround, implement a WAF rule to block requests containing 0.0.0.0.
While there are no confirmed reports of active exploitation, the vulnerability's critical severity makes it a high-priority target.
Refer to the calibreweb GitHub security advisory: https://github.com/advisories/GHSA-4w8p-x6g8-fv64