Platform
python
Component
ghsl-2023-186_ghsl-2023-189_benbusby_whoogle-search
Fixed in
0.8.5
CVE-2024-22203 is a critical Server-Side Request Forgery (SSRF) vulnerability affecting Whoogle Search versions up to 0.8.4. The vulnerability stems from insufficient validation of user-controlled variables within the element method, allowing attackers to manipulate HTTP requests. Successful exploitation can grant access to internal network resources and potentially external systems, posing a significant security risk.
This SSRF vulnerability allows an attacker to craft arbitrary GET requests through Whoogle Search, effectively leveraging the server as a proxy. The attacker can target internal resources that the Whoogle Search server has access to, even if those resources are not directly accessible from the outside world. This could include accessing sensitive internal APIs, databases, or other services. The potential impact extends beyond simple information disclosure; an attacker could potentially use this SSRF to interact with internal systems, triggering actions or exfiltrating data. The lack of proper input validation makes this a high-impact vulnerability, particularly in environments where Whoogle Search is used to access internal resources.
CVE-2024-22203 was publicly disclosed on January 23, 2024. No known public exploits or active campaigns targeting this vulnerability have been reported as of this writing. The vulnerability is not currently listed on the CISA KEV catalog. The ease of exploitation, combined with the potential impact, suggests that this vulnerability should be prioritized for remediation.
Exploit Status
EPSS
0.44% (63% percentile)
CVSS Vector
The primary mitigation for CVE-2024-22203 is to immediately upgrade Whoogle Search to version 0.8.4 or later. This version includes the necessary fixes to validate user-controlled input and prevent the SSRF vulnerability. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) with rules to block suspicious outbound requests originating from the Whoogle Search server. Restrict network access for the Whoogle Search server to only the necessary internal resources to limit the potential blast radius of a successful exploitation. Carefully review and audit any internal APIs or services that Whoogle Search might access.
Update Whoogle Search to version 0.8.4 or higher. This version fixes the Server Side Request Forgery (SSRF) vulnerability. The update will prevent attackers from making requests to internal or external resources through the server.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-22203 is a critical Server-Side Request Forgery (SSRF) vulnerability in Whoogle Search versions up to 0.8.4, allowing attackers to make requests on behalf of the server.
You are affected if you are running Whoogle Search versions prior to 0.8.4. Upgrade immediately to mitigate the risk.
Upgrade Whoogle Search to version 0.8.4 or later. Consider WAF rules as a temporary workaround if immediate upgrade is not possible.
No active exploitation has been publicly reported as of this writing, but the vulnerability's impact warrants immediate attention.
Refer to the Whoogle Search GitHub repository for updates and advisories: https://github.com/whoogle-search/whoogle-search
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.