MEDIUM · CVE-2026-5623 · CVSS 6.3

hcengineering Huly Platform Import Endpoint index.ts server-side request forgery


Platform

nodejs

Component

huly-platform

Fixed in

0.7.383

AI Confidence: high · NVD · EPSS 0.0% · Assessed: May 2026

A server-side request forgery (SSRF) vulnerability has been identified in Huly Platform versions 0.7.382 through 0.7.382. It allows an attacker to make the application issue requests to unintended internal or external resources, potentially exposing sensitive data or enabling further attacks. The vulnerability resides in the Import Endpoint component, specifically in the file server/front/src/index.ts. A public exploit is available, indicating a heightened risk of exploitation.

Impact and Attack Scenarios

The SSRF vulnerability in Huly Platform allows an attacker to craft malicious requests that the server will execute on behalf of the attacker. This can lead to several consequences. An attacker could potentially access internal services that are not directly exposed to the internet, such as databases, configuration files, or administrative interfaces. They might also be able to scan internal networks for other vulnerable systems, facilitating lateral movement. The ability to make arbitrary requests also opens the door to data exfiltration and denial-of-service attacks against internal resources. The presence of a public exploit significantly increases the likelihood of exploitation and the potential for widespread impact.

Exploitation Context

This vulnerability is considered actively exploitable because a public proof-of-concept is available. It was disclosed on 2026-04-06. The vendor was contacted but did not respond. The exploit's public availability suggests a medium probability of exploitation (EPSS score likely medium). Monitor security advisories and threat-intelligence feeds for any indications of active campaigns targeting Huly Platform.

Who Is at Risk

Organizations deploying Huly Platform in environments with sensitive internal resources are at significant risk. Specifically, deployments where the platform interacts with internal APIs or databases without proper network segmentation are particularly vulnerable. Shared hosting environments where multiple users share the same Huly Platform instance should also be considered high-risk.

Detection Steps

• nodejs: Monitor process execution for unusual outbound network connections originating from the Huly Platform process. Use lsof or netstat to identify connections to unexpected internal or external hosts.

lsof -i -p $(pidof huly-platform)

• nodejs: Examine application logs for suspicious HTTP requests or error messages related to URL parsing or redirection. Look for patterns indicative of SSRF attempts.

grep -i 'url:' /var/log/huly-platform/access.log

• generic web: Use curl to test for SSRF by attempting to access internal resources through the vulnerable endpoint.

curl -v http://<huly_platform_ip>/import?url=http://169.254.169.254/metadata/instance-id

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High
Reports: 1 threat report

EPSS

0.03% (11th percentile)

CISA SSVC

Exploitation: poc
Automatable: no
Technical Impact: partial

CVSS Vector

THREAT INTELLIGENCE · CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
6.3 MEDIUM

Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: Low (authentication level required for the attack)
User Interaction: None (whether the victim must take action)
Scope: Unchanged (impact beyond the affected component)
Confidentiality: Low (risk of sensitive data exposure)
Integrity: Low (risk of unauthorized data modification)
Availability: Low (risk of service disruption)
nextguardhq.com · CVSS v3.1 Base Score

What do these metrics mean?
Attack Vector
Network: remotely exploitable over the internet. No physical or local access required.
Attack Complexity
Low: no special conditions required. Reliably exploitable.
Privileges Required
Low: any valid user account is sufficient.
User Interaction
None: automatic and silent attack. The victim does nothing.
Scope
Unchanged: impact limited to the vulnerable component.
Confidentiality
Low: partial access to some data.
Integrity
Low: the attacker can modify some data to a limited extent.
Availability
Low: partial or intermittent denial of service.

Affected Software

Component: huly-platform
Vendor: hcengineering
Affected range: 0.7.382 – 0.7.382
Fixed in: 0.7.383

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated
No patch: 48 days after disclosure

Mitigation and Workarounds

The primary mitigation for CVE-2026-5623 is to upgrade to a patched version of Huly Platform as soon as it becomes available. Since no fixed version is currently specified, closely monitor the vendor's website and security advisories for updates. As a temporary workaround, implement strict input validation on any user-supplied URLs or hostnames used in requests made by the Import Endpoint. Consider deploying a Web Application Firewall (WAF) with rules to block suspicious outbound requests based on URL patterns or destination IP addresses. Restrict network access to the Huly Platform server to only necessary ports and services.
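The URL validation recommended above as a workaround, and the log review from the detection steps, both come down to one question: does a user-supplied import URL point at an internal destination? The following is an added example, not Huly Platform code, of a guard that answers it for an import endpoint and is reused to flag access-log lines; the `/import?url=` parameter shape, the `validateImportUrl`/`flagSsrfAttempts` names and the sample log lines are assumptions.

```typescript
// Added example (not Huly Platform code): an SSRF destination guard for a user-supplied
// import URL, reused to flag suspicious url= parameters in an access log.
import { isIP } from "node:net";
// Blocked IPv4 ranges: "this network", RFC 1918, CGNAT, loopback, link-local
// (which includes the 169.254.169.254 cloud metadata address) and broadcast.
const BLOCKED_V4: Array<[string, number]> = [
  ["0.0.0.0", 8], ["10.0.0.0", 8], ["100.64.0.0", 10], ["127.0.0.0", 8],
  ["169.254.0.0", 16], ["172.16.0.0", 12], ["192.168.0.0", 16], ["255.255.255.255", 32],
];
const v4ToInt = (ip: string): number =>
  ip.split(".").reduce((acc, o) => (acc << 8) | Number(o), 0) >>> 0;
// Addresses share a /bits prefix when XOR-ing them leaves nothing above bit (32 - bits).
const inCidr = (ip: string, [base, bits]: [string, number]): boolean =>
  ((v4ToInt(ip) ^ v4ToInt(base)) >>> (32 - bits)) === 0;
// True for hostnames that must never be fetched on a user's behalf. A complete
// defence also resolves the name and re-checks the address actually connected to.
function isInternalHost(hostname: string): boolean {
  const host = hostname.replace(/^\[|\]$/g, "").toLowerCase();
  if (host === "localhost" || host.endsWith(".localhost") || host.endsWith(".internal")) return true;
  if (isIP(host) === 4) return BLOCKED_V4.some((r) => inCidr(host, r));
  if (isIP(host) !== 6) return false;
  if (host.startsWith("::ffff:")) {  // IPv4-mapped address as the URL parser writes it, e.g. ::ffff:7f00:1
    const [hi, lo] = host.slice(7).split(":").map((h) => parseInt(h, 16));
    return isInternalHost(`${hi >> 8}.${hi & 255}.${lo >> 8}.${lo & 255}`);
  }
  return host === "::" || host === "::1" || /^f[cd]/.test(host) || /^fe[89ab]/.test(host);
}
// The check an import endpoint should run before fetching a user-supplied URL.
function validateImportUrl(raw: string): { ok: boolean; reason: string } {
  let url: URL;
  try { url = new URL(raw); } catch { return { ok: false, reason: "unparseable URL" }; }
  if (url.protocol !== "http:" && url.protocol !== "https:") return { ok: false, reason: `scheme ${url.protocol} not allowed` };
  if (url.username || url.password) return { ok: false, reason: "credentials in URL" };
  if (isInternalHost(url.hostname)) return { ok: false, reason: `internal destination ${url.hostname}` };
  return { ok: true, reason: "" };
}
// Detection side: the access-log lines whose url= parameter the guard would have rejected.
function flagSsrfAttempts(lines: string[]): string[] {
  return lines.filter((line) => {
    const m = line.match(/[?&]url=([^ &"]+)/);
    return m !== null && !validateImportUrl(decodeURIComponent(m[1])).ok;
  });
}
// Constructed sample access-log lines (not real Huly Platform output).
const SAMPLE_LOG = [
  '10.0.0.5 - - "GET /import?url=https%3A%2F%2Fexample.org%2Fexport.json HTTP/1.1" 200',
  '10.0.0.9 - - "GET /import?url=http%3A%2F%2F169.254.169.254%2Fmetadata%2Finstance-id HTTP/1.1" 200',
  '10.0.0.9 - - "GET /import?url=http%3A%2F%2F%5B%3A%3A1%5D%3A9200%2F HTTP/1.1" 200',
];
```

Running `flagSsrfAttempts(SAMPLE_LOG)` returns the second and third lines (link-local metadata address and IPv6 loopback) and passes the first; a guard like this also has to be applied to every redirect the import follows, since a permitted public host can redirect into the internal ranges.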

How to Remediate

Update Huly Platform to a fixed version. Review the source code in `src/index.ts` to identify and mitigate the server-side request forgery vulnerability. Implement robust input validation to prevent URL manipulation.


Frequently Asked Questions

What is CVE-2026-5623 — SSRF in Huly Platform?

CVE-2026-5623 is a server-side request forgery vulnerability affecting Huly Platform versions 0.7.382-0.7.382, allowing attackers to make requests on behalf of the server.

Am I affected by CVE-2026-5623 in Huly Platform?

If you are using Huly Platform version 0.7.382, you are potentially affected by this SSRF vulnerability. Monitor for vendor updates.

How do I fix CVE-2026-5623 in Huly Platform?

The recommended fix is to upgrade to a patched version of Huly Platform. Monitor the vendor's website for updates and implement input validation as a temporary workaround.

Is CVE-2026-5623 being actively exploited?

Yes, a public exploit exists, indicating a high probability of active exploitation. Monitor your systems and implement mitigations immediately.

Where can I find the official Huly Platform advisory for CVE-2026-5623?

Check the Huly Platform website and security advisories for the latest information regarding CVE-2026-5623.
