ElAdmin SSRF Vulnerability Discovered
CVE-2024-51242

Currently unrated

Key Information:

Vendor: eladmin
Status: Eladmin
Vendor: CVE Published:; 30 October 2024

What is CVE-2024-51242?

A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier in ServerDeployController.java. The manipulation of the HTTP Body ip parameter leads to SSRF.

References

https://github.com/shadia0/Patienc/blob/main/eladmin_ssrf.md

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2024