Main Vulnerability Database Vulnerabilities #VU40054

Server-Side Request Forgery (SSRF) in DokuWiki - CVE-2016-7964

Published: October 31, 2016 / Updated: August 9, 2020

Vulnerability identifier: #VU40054

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2016-7964

CWE-ID: CWE-918

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: DokuWiki

Affected software:
DokuWiki

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and 192.168.0.0/16.

How to mitigate CVE-2016-7964

Install update from vendor's website.

Server-Side Request Forgery (SSRF) in DokuWiki - CVE-2016-7964

Detailed vulnerability description

How to mitigate CVE-2016-7964

Sources

Please verify you're human