ElAdmin SSRF Vulnerability Discovered

CVE-2024-51242

Currently unrated

Key Information:

Vendor
eladmin
Vendor
CVE Published:
30 October 2024

Summary

A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier in ServerDeployController.java. The manipulation of the HTTP Body ip parameter leads to SSRF.

References

https://github.com/shadia0/Patienc/blob/main/eladmin_ssrf.md

Timeline

  • Vulnerability published

Collectors

NVD Database
.