Platform
go
Component
github.com/tencent/weknora
Fixed version
0.3.1
0.3.0
CVE-2026-30858 describes a Server-Side Request Forgery (SSRF) vulnerability in WeKnora, a Go-based project. The flaw resides in the web_fetch tool and lets an attacker reach internal resources through DNS rebinding. Versions prior to 0.3.0 are affected, and a patch has been released to address the issue.
The SSRF vulnerability in WeKnora allows an attacker to craft requests that appear to originate from the WeKnora server itself. With DNS rebinding, the attacker controls a domain whose resolution changes between the moment the URL is validated and the moment the connection is made, so a hostname that passed the check ends up pointing at internal resources that are otherwise unreachable from the outside. This could lead to unauthorized access to sensitive data, internal APIs, or the ability to interact with internal services. The impact is amplified if WeKnora is deployed in an environment with sensitive internal resources, such as databases or configuration management systems. Successful exploitation could result in data breaches, privilege escalation, and disruption of internal services.
CVE-2026-30858 was publicly disclosed on 2026-03-10. Currently, there are no known public exploits or active campaigns targeting this vulnerability. The EPSS score is pending evaluation. It is recommended to prioritize patching due to the potential for SSRF exploitation, which can lead to significant internal network compromise.
Organizations deploying WeKnora in environments with internal resources accessible via HTTP or HTTPS are at risk. This includes deployments behind firewalls or in segmented networks where internal services are exposed. Shared hosting environments utilizing WeKnora are also particularly vulnerable due to the potential for cross-tenant exploitation.
• go / server: ps aux | grep WeKnora
• go / server: journalctl -u weknora | grep -i 'web_fetch'
• generic web: curl -I <weknora_server_ip>/web_fetch?url=http://evil.com # Check for internal resource exposure in response headers
Exploit status
EPSS
0.09% (26th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-30858 is to upgrade WeKnora to version 0.3.0 or later, which includes the fix for the SSRF vulnerability. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting outbound network access from the WeKnora server to only necessary domains. Implement strict input validation on the web_fetch tool to prevent malicious URL manipulation. Consider deploying a Web Application Firewall (WAF) with rules to detect and block SSRF attempts based on suspicious URL patterns and DNS resolution anomalies. Monitor network traffic for unusual outbound requests originating from the WeKnora server.
Update WeKnora to version 0.3.0 or later. This version includes a fix for the DNS rebinding vulnerability that allows unauthorized access to internal resources.
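The mitigation advice above (restrict where the server may connect, and validate what the web_fetch tool is asked to fetch) only holds against DNS rebinding if the check is applied to the address actually connected to, not just to the URL string. The following Go example is added here and is not code from the WeKnora project: it resolves the hostname once, rejects the whole answer set if any address is loopback, private, link-local or otherwise internal, and pins the HTTP connection to that validated address so there is no second lookup for a rebinding domain to exploit. The Resolver type, the blocked-range list and the hostnames used in the comments are assumptions of the example.

```go
package main

import (
	"context"
	"fmt"
	"net"
	"net/http"
	"net/url"
	"time"
)

var blockedNets []*net.IPNet // loopback, RFC 1918, link-local (cloud metadata), CGNAT, IPv6 equivalents
func init() {
	for _, c := range []string{
		"0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "172.16.0.0/12",
		"192.168.0.0/16", "100.64.0.0/10", "::/128", "::1/128", "fc00::/7", "fe80::/10",
	} {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			panic(err)
		}
		blockedNets = append(blockedNets, n)
	}
}

// IsBlockedIP reports whether ip lies in a blocked range (IPv4-mapped IPv6 such as ::ffff:127.0.0.1 included).
func IsBlockedIP(ip net.IP) bool {
	for _, n := range blockedNets {
		if n.Contains(ip) {
			return true
		}
	}
	return false
}

// Resolver maps a hostname to addresses; abstracted (an assumption of this example) so the check
// runs offline against a constructed resolver. Production code would wrap net.DefaultResolver.LookupIPAddr.
type Resolver func(ctx context.Context, host string) ([]net.IP, error)

// ResolveAndCheck resolves host exactly once and returns an address to dial only if every answer is
// public. Reusing that single answer for the connection removes the second lookup rebinding relies on.
func ResolveAndCheck(ctx context.Context, resolve Resolver, host string) (net.IP, error) {
	ips := []net.IP{net.ParseIP(host)} // literal address: no DNS involved
	if ips[0] == nil {
		var err error
		if ips, err = resolve(ctx, host); err != nil {
			return nil, err
		}
	}
	if len(ips) == 0 {
		return nil, fmt.Errorf("no addresses for %s", host)
	}
	for _, ip := range ips {
		if IsBlockedIP(ip) {
			return nil, fmt.Errorf("%s resolves to blocked address %s", host, ip)
		}
	}
	return ips[0], nil
}

type pinnedIPKey struct{} // context key carrying the validated address to the dialer
// NewPinnedClient returns a client whose transport dials the address SafeFetch stored in the request
// context, never the hostname. Redirects stop at the first hop because each target needs its own check.
func NewPinnedClient() *http.Client {
	dial := func(ctx context.Context, network, addr string) (net.Conn, error) {
		ip, ok := ctx.Value(pinnedIPKey{}).(net.IP)
		if !ok {
			return nil, fmt.Errorf("refusing to dial %s without a validated address", addr)
		}
		_, port, err := net.SplitHostPort(addr)
		if err != nil {
			return nil, err
		}
		return (&net.Dialer{Timeout: 5 * time.Second}).DialContext(ctx, network, net.JoinHostPort(ip.String(), port))
	}
	return &http.Client{
		Transport:     &http.Transport{DialContext: dial},
		Timeout:       10 * time.Second,
		CheckRedirect: func(*http.Request, []*http.Request) error { return http.ErrUseLastResponse },
	}
}

// SafeFetch validates scheme and host, then issues a GET pinned to the checked address.
func SafeFetch(ctx context.Context, c *http.Client, resolve Resolver, rawURL string) (*http.Response, error) {
	u, err := url.Parse(rawURL)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, fmt.Errorf("scheme %q not allowed", u.Scheme)
	}
	ip, err := ResolveAndCheck(ctx, resolve, u.Hostname())
	if err != nil {
		return nil, err
	}
	req, err := http.NewRequestWithContext(context.WithValue(ctx, pinnedIPKey{}, ip), http.MethodGet, rawURL, nil)
	if err != nil {
		return nil, err
	}
	return c.Do(req)
}
```

Two design points matter here. First, the entire DNS answer set is checked rather than the first record, because a rebinding domain can return a public and an internal address together and let the client pick. Second, the transport is handed the already-checked IP instead of the hostname, so the validation and the connection cannot disagree; a redirect to another host is deliberately not followed, since it would need to pass through the same check.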
CVE-2026-30858 is a Server-Side Request Forgery vulnerability in WeKnora versions prior to 0.3.0, allowing attackers to access internal resources via DNS rebinding.
You are affected if you are using WeKnora versions 0.2.0 or earlier. Upgrade to 0.3.0 to mitigate the risk.
Upgrade WeKnora to version 0.3.0 or later. As a temporary workaround, restrict outbound network access and implement input validation.
Currently, there are no known public exploits or active campaigns targeting CVE-2026-30858, but proactive patching is recommended.
Refer to the WeKnora project's official repository and release notes for the latest security advisories and updates.