Platform
php
Component
idno/known
Fixed in
1.6.5
1.6.4
CVE-2026-28508 is a critical Server-Side Request Forgery (SSRF) vulnerability affecting idno/known versions up to 1.6.3. This flaw allows unauthenticated attackers to bypass CSRF protection and trigger arbitrary outbound HTTP requests, potentially exposing sensitive internal data or compromising internal systems. A fix is available in version 1.6.4, and users are strongly advised to upgrade immediately.
The SSRF vulnerability in idno/known poses a significant risk. An attacker can leverage this flaw to make the server initiate requests to any external or internal resource. This includes accessing sensitive internal network services, cloud instance metadata (potentially revealing credentials), and other confidential data. The lack of authentication requirements on the vulnerable endpoint amplifies the impact, as any unauthenticated user can exploit it. Successful exploitation could lead to data breaches, unauthorized access to internal systems, and potential compromise of the entire infrastructure.
CVE-2026-28508 was publicly disclosed on 2026-03-02. The vulnerability's simplicity and lack of authentication requirements suggest a potentially high probability of exploitation. While no public proof-of-concept (PoC) has been widely reported, the ease of exploitation makes it a likely candidate for inclusion in exploit databases and automated scanning tools. The vulnerability has not been added to the CISA KEV catalog as of this writing.
Organizations using idno/known for content management or publishing, particularly those with internal services accessible via HTTP, are at risk. Shared hosting environments where multiple users share the same server instance are especially vulnerable, as an attacker could potentially exploit the vulnerability on behalf of another user.
• php / server:
find /var/www/html -name 'UrlUnfurl.php' -o -name 'Session.php' -o -name 'Actions.php'
• php / server:
grep -r "UrlUnfurl" /var/www/html
• generic web:
curl -I http://your-idno-server.com/service/web/urlunfurl | grep -i serverdisclosure
Exploit status
EPSS
0.13% (33rd percentile)
CISA SSVC
The primary mitigation for CVE-2026-28508 is to upgrade to idno/known version 1.6.4 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict outbound network access from the idno/known server using a firewall or network segmentation to limit the potential blast radius. Implement a Web Application Firewall (WAF) with rules to block suspicious outbound requests, particularly those targeting internal IP ranges or cloud metadata endpoints. Carefully review and restrict the allowed domains for URL unfurl functionality. After upgrading, confirm the fix by attempting to trigger the URL unfurl service with a crafted request to an internal resource; the request should be blocked.
Update idno to version 1.6.4 or later. This version fixes the SSRF vulnerability by implementing proper CSRF protection for the URL unfurl endpoint.
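As an added example (not code from idno/known or from the 1.6.4 fix), this is the kind of gate a URL-unfurl endpoint can apply before issuing any outbound request: the CSRF token check the advisory describes, plus a scheme allowlist and a deny-internal-address check on the resolved target. The resolver, host names and session token are constructed assumptions so the script runs offline.

```php
<?php
// Added example, not idno/known's code. Assumes a hypothetical session CSRF
// token and an injectable resolver so the check can be exercised offline.

/** True for loopback, link-local (incl. 169.254.169.254 cloud metadata),
 *  RFC 1918, ULA, IPv4-mapped IPv6, CGNAT 100.64/10 or malformed input. */
function ip_is_internal(string $ip): bool
{
    $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
        return true;
    }
    // 100.64.0.0/10 (shared address space) is not covered by the PHP flags.
    $long = ip2long($ip);
    return $long !== false && ($long >> 22) === (ip2long('100.64.0.0') >> 22);
}

/** Returns null when $url may be fetched, otherwise the reason to refuse. */
function unfurl_target_problem(string $url, callable $resolve): ?string
{
    $p = parse_url($url);
    if ($p === false || !in_array(strtolower($p['scheme'] ?? ''), ['http', 'https'], true)) {
        return 'scheme not allowed';
    }
    if (empty($p['host']) || isset($p['user']) || isset($p['pass'])) {
        return 'missing host or credentials in URL';
    }
    $host = strtolower(trim($p['host'], '[]'));
    // Resolve every address: a public host name can still point at internal space.
    $addrs = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : $resolve($host);
    if (empty($addrs)) {
        return 'host does not resolve';
    }
    foreach ($addrs as $ip) {
        if (ip_is_internal($ip)) {
            return "resolves to internal address $ip";
        }
    }
    return null;
}

/** CSRF check the endpoint must pass before any outbound request is made. */
function csrf_token_valid(?string $submitted, string $sessionToken): bool
{
    return $submitted !== null && hash_equals($sessionToken, $submitted);
}

// Constructed stand-in for gethostbynamel()/dns_get_record().
$resolve = fn(string $h): array => ['meta.example' => ['169.254.169.254'],
                                     'blog.example' => ['203.0.113.10']][$h] ?? [];
foreach (['http://169.254.169.254/', 'http://meta.example/', 'http://10.0.0.5/admin',
          'file:///etc/passwd', 'https://blog.example/post'] as $u) {
    printf("%-32s %s\n", $u, unfurl_target_problem($u, $resolve) ?? 'ok');
}
```

Validating and then fetching is still a race against DNS rebinding, so the fetch should pin the address that passed the check (for example with CURLOPT_RESOLVE) and either disable redirects or re-run the check on every redirect hop.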
CVE-2026-28508 is a critical SSRF vulnerability in idno/known versions up to 1.6.3, allowing attackers to bypass CSRF protection and make arbitrary outbound HTTP requests.
You are affected if you are using idno/known versions 1.6.3 or earlier. Upgrade to 1.6.4 to resolve the vulnerability.
Upgrade to idno/known version 1.6.4 or later. As a temporary workaround, restrict outbound network access and implement strict input validation.
While no public exploits are currently known, the ease of exploitation suggests a high probability of exploitation if the vulnerability remains unpatched.
Refer to the official idno/known project website and security advisories for the latest information and updates regarding CVE-2026-28508.