Platform
python
Component
calibreweb
Fixed in
0.6.17
CVE-2022-0767 describes a server-side request forgery (SSRF) vulnerability present in calibreweb versions up to 0.6.16. This flaw allows attackers to bypass inadequate SSRF protection mechanisms by exploiting HTTP redirects, potentially enabling access to internal resources. The vulnerability was published on March 8, 2022, and a fix is available in version 0.6.17.
The SSRF vulnerability in calibreweb allows an attacker to craft HTTP requests that are unknowingly executed by the server. Because the SSRF protection is incomplete and can be bypassed with redirects, an attacker could redirect requests to internal services running on localhost. This could expose sensitive data, allow for unauthorized access to internal APIs, or even facilitate further attacks against internal systems. The impact is particularly severe because calibreweb often manages sensitive user data and metadata related to ebooks, making internal data exposure a significant risk. Successful exploitation could lead to data breaches and compromise of the entire calibreweb instance.
CVE-2022-0767 is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are available, indicating a medium probability of exploitation. The vulnerability was publicly disclosed on March 8, 2022, coinciding with the CVE publication date. Active campaigns targeting this vulnerability have not been confirmed, but the availability of PoCs increases the risk of opportunistic exploitation.
Organizations running calibreweb versions prior to 0.6.17, particularly those with internal services accessible from localhost, are at risk. Shared hosting environments where calibreweb is installed alongside other applications are also vulnerable, as a compromise of one application could potentially lead to SSRF exploitation through calibreweb.
• python / server:
# Check calibreweb version
python -c 'import calibreweb; print(calibreweb.__version__)'
• generic web:
# Check for redirect URLs in access logs
grep -i 'redirect=' /var/log/apache2/access.log
disclosure
patch
Exploit status
EPSS
0.20% (42nd percentile)
CVSS vector
The primary mitigation for CVE-2022-0767 is to upgrade calibreweb to version 0.6.17 or later, which includes the necessary SSRF protection fixes. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) with rules to block suspicious HTTP redirects. Additionally, restrict network access to calibreweb to only trusted sources. Carefully review any custom code or plugins integrated with calibreweb, as they may introduce new SSRF vulnerabilities. After upgrading, confirm the fix by attempting to trigger an HTTP redirect to localhost and verifying that the request is blocked.
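The two patterns described above, the redirect-based bypass of a check that only validates the initial URL and the hardened check that re-validates every hop, as an added example. This is not calibre-web's own code; the function names (is_safe_target, fetch_naive, fetch_checked), the DEMO_DNS table, the DEMO_SERVERS map and the addresses in them are constructed so the example runs offline, and the "naive" fetcher simulates what a client library does when it is allowed to follow redirects on its own.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlparse

# Constructed name-to-address table so the example runs offline. The public
# addresses are made up; a real deployment would use resolve_system() instead.
DEMO_DNS = {
    "covers.example.org": ["1.2.3.4"],
    "redirector.example.net": ["5.6.7.8"],
    "localhost": ["127.0.0.1"],
}


def resolve_demo(host):
    return DEMO_DNS.get(host, [])


def resolve_system(host):
    """Real resolver for production use; the offline demo does not call it."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def _is_public(addr):
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def is_safe_target(url, resolve=resolve_demo):
    """True only for http(s) URLs whose host is, or resolves only to, public
    addresses. IP literals are checked directly; hostnames are resolved and
    every returned address must be public; unresolvable names are rejected.
    Literal forms that ip_address() does not accept fall through to resolution
    and are judged by the addresses the resolver returns for them."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        addrs = [ipaddress.ip_address(parts.hostname)]
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolve(parts.hostname)]
        except ValueError:
            return False
    return bool(addrs) and all(_is_public(a) for a in addrs)


REDIRECTS = (301, 302, 303, 307, 308)


def fetch_naive(url, fetch, resolve=resolve_demo, max_redirects=5):
    """The bypassable pattern: validate the initial URL once, then follow
    redirects without re-checking where they lead."""
    if not is_safe_target(url, resolve):
        raise ValueError(f"blocked unsafe target: {url}")
    for _ in range(max_redirects + 1):
        status, payload = fetch(url)
        if status not in REDIRECTS:
            return status, payload
        url = urljoin(url, payload)  # Location may be relative
    raise ValueError("too many redirects")


def fetch_checked(url, fetch, resolve=resolve_demo, max_redirects=5):
    """Hardened pattern: follow redirects manually and validate every hop, so a
    Location header pointing at loopback or a private address is refused."""
    for _ in range(max_redirects + 1):
        if not is_safe_target(url, resolve):
            raise ValueError(f"blocked unsafe target: {url}")
        status, payload = fetch(url)
        if status not in REDIRECTS:
            return status, payload
        url = urljoin(url, payload)
    raise ValueError("too many redirects")


# Constructed stand-in for the network: URL -> (status, Location or body).
DEMO_SERVERS = {
    "https://covers.example.org/book.jpg": (200, b"cover bytes"),
    "https://redirector.example.net/go": (302, "http://localhost:8083/admin"),
    "http://localhost:8083/admin": (200, b"internal admin page"),
}


def fetch_demo(url):
    return DEMO_SERVERS.get(url, (404, b""))


def is_blocked(fetcher, url):
    """True if the given fetch function refuses the URL (raises ValueError)."""
    try:
        fetcher(url, fetch_demo)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(fetch_naive("https://redirector.example.net/go", fetch_demo))
    print(is_blocked(fetch_checked, "https://redirector.example.net/go"))
```

In production, pair fetch_checked with resolve_system and an HTTP client that is told not to follow redirects itself (for example requests with allow_redirects=False), so that every Location header passes through is_safe_target before the next request is made. Resolving the name once for the check and again for the connection leaves a small DNS-rebinding window; connecting to the validated address directly closes it.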
Update calibre-web to version 0.6.17 or higher. This version contains a fix for the SSRF vulnerability. The update can be performed via the pip package manager, or the latest version can be downloaded from the GitHub repository and the files replaced.
CVE-2022-0767 is a critical server-side request forgery vulnerability in calibreweb versions up to 0.6.16, allowing attackers to bypass SSRF protection via HTTP redirects.
Yes, if you are running calibreweb version 0.6.16 or earlier, you are vulnerable to this SSRF vulnerability.
Upgrade calibreweb to version 0.6.17 or later to resolve the SSRF vulnerability. Consider temporary WAF rules if immediate upgrade is not possible.
While active exploitation campaigns are not confirmed, the availability of a public proof-of-concept suggests a potential risk of exploitation.
Refer to the calibreweb project's official website or GitHub repository for the advisory and release notes related to CVE-2022-0767.