Platform: go
Component: github.com/tencent/weknora
Fixed in: 0.3.1, 0.3.0
CVE-2026-30858 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in WeKnora, a Go-based project. This flaw resides within the web_fetch tool, enabling attackers to potentially access internal resources through DNS rebinding techniques. Versions prior to 0.3.0 are affected, and a patch has been released to address the issue.
The SSRF vulnerability in WeKnora allows an attacker to have the WeKnora server issue requests on their behalf, so the requests appear to originate from the server itself. With DNS rebinding, the attacker controls a hostname whose resolution changes between the tool's validation of the URL and the actual connection, so a name that looked external when checked ends up pointing at internal resources that are otherwise unreachable from outside. This can expose sensitive data and internal APIs, or allow interaction with internal services. The impact is greater where WeKnora is deployed alongside sensitive internal resources such as databases or configuration management systems. Successful exploitation could result in data breaches, privilege escalation, and disruption of internal services.
CVE-2026-30858 was publicly disclosed on 2026-03-10. Currently, there are no known public exploits or active campaigns targeting this vulnerability. The EPSS score is pending evaluation. It is recommended to prioritize patching due to the potential for SSRF exploitation, which can lead to significant internal network compromise.
Organizations deploying WeKnora in environments with internal resources accessible via HTTP or HTTPS are at risk. This includes deployments behind firewalls or in segmented networks where internal services are exposed. Shared hosting environments utilizing WeKnora are also particularly vulnerable due to the potential for cross-tenant exploitation.
• go / server: ps aux | grep WeKnora
• go / server: journalctl -u weknora | grep -i 'web_fetch'
• generic web: curl -I <weknora_server_ip>/web_fetch?url=http://evil.com # Check for internal resource exposure in response headers
EPSS: 0.09% (26th percentile)
The primary mitigation for CVE-2026-30858 is to upgrade WeKnora to version 0.3.0 or later, which includes the fix for the SSRF vulnerability. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting outbound network access from the WeKnora server to only necessary domains. Implement strict input validation on the web_fetch tool to prevent malicious URL manipulation. Consider deploying a Web Application Firewall (WAF) with rules to detect and block SSRF attempts based on suspicious URL patterns and DNS resolution anomalies. Monitor network traffic for unusual outbound requests originating from the WeKnora server.
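As an added illustration of the "strict input validation" mitigation above (example code written for this page, not WeKnora's own), the Go snippet below shows the resolve-validate-pin pattern a web_fetch-style tool can use against DNS rebinding: the hostname is resolved once, every answer is checked against internal ranges, and the connection is made to the validated IP literal so no second lookup can swap in an internal address. IsBlockedIP, PinnedDialer and the injectable Resolve/Dial hooks are assumptions of this example.

```go
package main

import (
	"context"
	"fmt"
	"net"
)

// Carrier-grade NAT space is the one common internal range net.IP's predicates miss.
var cgnat = func() *net.IPNet { _, n, _ := net.ParseCIDR("100.64.0.0/10"); return n }()

// IsBlockedIP reports whether ip must never be a web_fetch destination:
// unspecified, loopback, RFC 1918 / fc00::/7, link-local, multicast, or CGNAT.
// IPv4-mapped IPv6 forms (::ffff:127.0.0.1) are caught because net.IP compares them as IPv4.
func IsBlockedIP(ip net.IP) bool {
	if ip == nil || ip.IsUnspecified() || ip.IsLoopback() || ip.IsPrivate() ||
		ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() || ip.IsMulticast() {
		return true
	}
	return cgnat.Contains(ip)
}

// PinnedDialer resolves the hostname once, refuses if any answer is internal, and
// dials the validated IP literal. No second lookup happens between check and
// connect, so a record that rebinds to an internal address is never reached.
// Plug DialContext into http.Transport; TLS still verifies the URL's hostname
// because ServerName comes from the request, not from the dialed address, and
// redirects go through the same dialer. Resolve/Dial are hooks for offline tests.
type PinnedDialer struct {
	Resolve func(ctx context.Context, host string) ([]net.IP, error)          // e.g. net.DefaultResolver.LookupIP(ctx, "ip", host)
	Dial    func(ctx context.Context, network, addr string) (net.Conn, error) // e.g. (&net.Dialer{}).DialContext
}

func (d PinnedDialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
	host, port, err := net.SplitHostPort(addr)
	if err != nil {
		return nil, err
	}
	ips, err := d.Resolve(ctx, host)
	if err != nil || len(ips) == 0 {
		return nil, fmt.Errorf("web_fetch: cannot resolve %q: %v", host, err)
	}
	for _, ip := range ips { // one internal answer among several still fails the whole request
		if IsBlockedIP(ip) {
			return nil, fmt.Errorf("web_fetch: %q resolves to internal address %s, refused", host, ip)
		}
	}
	return d.Dial(ctx, network, net.JoinHostPort(ips[0].String(), port))
}
```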
Update WeKnora to version 0.3.0 or later. This version contains a fix for the DNS rebinding vulnerability that allows unauthorized access to internal resources.
CVE-2026-30858 is a Server-Side Request Forgery vulnerability in WeKnora versions prior to 0.3.0, allowing attackers to access internal resources via DNS rebinding.
You are affected if you are using WeKnora versions 0.2.0 or earlier. Upgrade to 0.3.0 to mitigate the risk.
Upgrade WeKnora to version 0.3.0 or later. As a temporary workaround, restrict outbound network access and implement input validation.
Currently, there are no known public exploits or active campaigns targeting CVE-2026-30858, but proactive patching is recommended.
Refer to the WeKnora project's official repository and release notes for the latest security advisories and updates.