Cyber Resilience

CVE-2023-32750

Severity: Medium · Public PoC
Published: 08 June 2023
Modified: 06 January 2025
KEV Added: not listed
Patch: none recorded
CVSS Score v3.1: 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.1193 (93.9th percentile)
Risk Priority: 20 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-32750 is a medium-severity SSRF (CWE-918) vulnerability in Pydio Cells. Its CVSS base score is 6.5 (Medium).

Operationally, this CVE ranks in the top 6.1% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

Pydio Cells through version 4.1.2 contains a server-side request forgery vulnerability, identified as CVE-2023-32750 and assigned CWE-918. The flaw resides in the remote-download job type, which runs longer-lived background processes and permits an authenticated user to supply an arbitrary URL; the server then issues an HTTP GET request to that URL and writes the response into a file placed in a user-specified folder inside the Cells instance.

An attacker with low-privileged but authenticated access can therefore coerce the backend into retrieving resources that are reachable from the server but not from the attacker's own network position, resulting in potential disclosure of internal services or data. The vulnerability carries a CVSS 3.1 base score of 6.5 reflecting network attack vector, low complexity, and no required user interaction.

Public advisories published by RedTeam Pentesting at the referenced URLs describe the issue in detail and are the primary sources of technical information currently available. The associated EPSS score has remained flat at its peak value of 0.1193 with no material upward movement observed after disclosure.

Vulnerability details

Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send an HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells.

CWE(s): CWE-918 (Server-Side Request Forgery)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

pydio / cells: versions ≤ 3.0.12, and 4.1.0 through 4.1.3

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

- Penetration testing attempts server-side requests to internal resources, identifying SSRF weaknesses for remediation. (addresses CWE-918)

- Outbound connections to external resources can be monitored and limited at the boundary, reducing SSRF impact. (addresses CWE-918)

- Validates server-side URLs and resource references to block SSRF attempts. (addresses CWE-918)

- Detects server-side request forgery through monitoring of unexpected outbound connections. (addresses CWE-918)
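As an added illustration of the "validate server-side URLs" control listed above (example code written for this page, not code from Pydio Cells or from the advisories it cites): a Go pre-fetch check that a background download job could apply to a user-supplied URL before issuing the GET. The hostnames, the static lookup table and its addresses are constructed for the demo; a real deployment would also pass the vetted addresses to the HTTP client's dialer so the fetch cannot resolve to something else.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
)

var errBlocked = errors.New("url blocked by SSRF policy")
// resolver is injectable so the check can run offline in this demo.
type resolver func(host string) ([]net.IP, error)

// validateDownloadURL enforces http/https, resolves the host and rejects the
// URL if any address is loopback, private, link-local, multicast or unspecified.
// The vetted addresses are returned so the caller pins the real connection to
// them instead of resolving again (a second lookup reopens a rebinding window).
func validateDownloadURL(raw string, lookup resolver) ([]net.IP, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, fmt.Errorf("%w: scheme %q", errBlocked, u.Scheme)
	}
	host := u.Hostname()
	ips := []net.IP{}
	if ip := net.ParseIP(host); ip != nil {
		ips = append(ips, ip) // IP literal, no DNS involved
	} else if ips, err = lookup(host); err != nil || len(ips) == 0 {
		return nil, fmt.Errorf("%w: cannot resolve %q", errBlocked, host)
	}
	for _, ip := range ips {
		if ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
			ip.IsLinkLocalMulticast() || ip.IsMulticast() || ip.IsUnspecified() {
			return nil, fmt.Errorf("%w: %q resolves to %s", errBlocked, host, ip)
		}
	}
	return ips, nil
}

// staticLookup is a constructed stand-in for DNS; names and addresses are fake.
func staticLookup(host string) ([]net.IP, error) {
	table := map[string][]net.IP{
		"files.example.com": {net.ParseIP("203.0.113.10")},
		"intranet.test":     {net.ParseIP("10.0.0.5")},
	}
	if ips, ok := table[host]; ok {
		return ips, nil
	}
	return nil, errors.New("no such host")
}
```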

References