CVE-2023-32750
Published: 08 June 2023
Summary
CVE-2023-32750 is a medium-severity SSRF (CWE-918) vulnerability in Pydio Cells. Its CVSS base score is 6.5 (Medium).
Operationally, it ranks in the top 6.1% of CVEs by EPSS exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
Pydio Cells through version 4.1.2 contains a server-side request forgery vulnerability, identified as CVE-2023-32750 and classified as CWE-918. The flaw resides in the remote-download job type, one of the background jobs Cells offers for longer-running work: an authenticated user supplies an arbitrary URL, the server issues an HTTP GET request to that URL, and the response body is written to a new file in a folder of the user's choosing inside the Cells instance.
Because the fetched response is handed back to the requesting user as a file, this is a full-read SSRF rather than a blind one. An attacker with low-privileged but authenticated access can make the backend retrieve resources that are reachable from the server but not from the attacker's own network position (the usual SSRF targets being internal HTTP services, admin interfaces and, on cloud hosts, instance metadata endpoints) and then read the result, with potential disclosure of internal services or data. The vulnerability carries a CVSS 3.1 base score of 6.5, reflecting a network attack vector, low attack complexity, low privileges required and no user interaction.
Public advisories published by RedTeam Pentesting at the referenced URLs describe the issue in detail and are the primary sources of technical information currently available. The associated EPSS score has remained flat at its peak value of 0.1193 with no material upward movement observed after disclosure.
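The fix for this class of bug is to validate the user-supplied URL before the backend fetches it, and to re-run that validation on every redirect hop. The block below is an added example written for this page; it is not Pydio's code and does not claim to match the upstream patch. It assumes a deny policy of loopback, RFC 1918, link-local (which covers the 169.254.169.254 metadata address), CGNAT and the IPv6 equivalents, and it uses a constructed DNS table (the host names and addresses in ConstructedResolver are made up) so it runs offline; in production the resolver would be net.LookupIP. The check normalises IPv4-mapped IPv6 literals and rejects a name if any of its answers is internal, which covers split-horizon DNS and the simplest rebinding setups.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/url"
	"strings"
	"time"
)

// Resolver abstracts DNS so the check can run offline; use net.LookupIP in production.
type Resolver func(host string) ([]net.IP, error)

// isBlockedIP applies the assumed deny policy. IPv4-mapped IPv6 (::ffff:10.0.0.1)
// is unmapped first so it cannot slip past the IPv4 checks.
func isBlockedIP(ip net.IP) bool {
	if v4 := ip.To4(); v4 != nil {
		ip = v4
	}
	if ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsUnspecified() || ip.IsMulticast() {
		return true
	}
	// Ranges the net package has no predicate for: CGNAT and "this network".
	for _, cidr := range []string{"100.64.0.0/10", "0.0.0.0/8"} {
		_, n, _ := net.ParseCIDR(cidr)
		if n.Contains(ip) {
			return true
		}
	}
	return false
}

// ValidateRemoteURL is the check a server-side fetcher should run on a
// user-supplied URL: http(s) only, no embedded credentials, and every address
// the host resolves to must be public. The parsed URL is returned so the caller
// fetches exactly what was validated.
func ValidateRemoteURL(raw string, resolve Resolver) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, fmt.Errorf("malformed url: %w", err)
	}
	if s := strings.ToLower(u.Scheme); s != "http" && s != "https" {
		return nil, fmt.Errorf("scheme %q not allowed", u.Scheme)
	}
	if u.User != nil {
		return nil, errors.New("credentials in url not allowed")
	}
	host := u.Hostname()
	if host == "" {
		return nil, errors.New("missing host")
	}
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip} // IP literal: no lookup needed
	} else if ips, err = resolve(host); err != nil || len(ips) == 0 {
		return nil, fmt.Errorf("cannot resolve %q", host)
	}
	for _, ip := range ips { // reject if ANY answer is internal
		if isBlockedIP(ip) {
			return nil, fmt.Errorf("host %q resolves to blocked address %s", host, ip)
		}
	}
	return u, nil
}

// NewHardenedClient re-validates every redirect hop, so a public URL cannot
// 302 the server into an internal address, and bounds the request time.
func NewHardenedClient(resolve Resolver) *http.Client {
	return &http.Client{
		Timeout: 30 * time.Second,
		CheckRedirect: func(req *http.Request, via []*http.Request) error {
			if len(via) >= 5 {
				return errors.New("too many redirects")
			}
			_, err := ValidateRemoteURL(req.URL.String(), resolve)
			return err
		},
	}
}

// ConstructedResolver is a fake DNS table for offline demonstration; names and
// addresses are made up for this example.
var ConstructedResolver Resolver = func(host string) ([]net.IP, error) {
	table := map[string][]net.IP{
		"example.org":       {net.ParseIP("93.184.216.34")},
		"intranet.internal": {net.ParseIP("10.1.2.3")},
		"rebind.attacker":   {net.ParseIP("93.184.216.34"), net.ParseIP("127.0.0.1")},
	}
	if ips, ok := table[host]; ok {
		return ips, nil
	}
	return nil, errors.New("nxdomain")
}

func main() {
	for _, raw := range []string{
		"https://example.org/report.pdf", "http://169.254.169.254/latest/meta-data/",
		"http://[::ffff:10.0.0.1]/", "file:///etc/passwd", "http://rebind.attacker/",
	} {
		_, err := ValidateRemoteURL(raw, ConstructedResolver)
		fmt.Printf("%-42s -> %v\n", raw, err)
	}
}
```

Validating before the fetch still leaves a window in which a rebinding name can change its answer between the check and the connect; closing that fully means enforcing the same policy in the dialer (net.Dialer's Control hook) on the address actually connected to, which is the natural next step after the check shown here.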
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-36975
Vulnerability details
Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells.
- CWE(s): CWE-918 (Server-Side Request Forgery)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Pydio Cells through version 4.1.2 (remote-download background job).
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness type (CWE-918) cited in the NVD entry.
- Penetration testing: attempts server-side requests to internal resources through the application, identifying SSRF weaknesses for remediation.
- Egress filtering: outbound connections from the application host are limited at the network boundary to the destinations it legitimately needs, reducing the impact of an SSRF.
- URL validation: the application validates server-side URLs and resource references (scheme, host and resolved address) before fetching them, blocking SSRF attempts.
- Outbound monitoring: detects server-side request forgery by alerting on unexpected outbound connections from the application host.
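The monitoring control above amounts to: take the egress log for the Cells host and flag connections the application process makes to addresses a user-driven download has no business reaching. The block below is an added example of that detection logic, not part of this page or of Pydio; the log format (key=value fields), the process name and every address in SampleEgressLog are constructed for the example, and the allowlist of internal backends the application may legitimately talk to is an assumption.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// Alert is one flagged egress record.
type Alert struct {
	Line   string
	Reason string
}

// SampleEgressLog is a constructed excerpt of a host firewall / egress proxy log
// for the Cells server, one line per outbound connection. Field names, addresses
// and the process label are assumed for this example and are not Pydio output.
const SampleEgressLog = `ts=2023-06-08T10:01:02Z src=10.20.0.5 dst=93.184.216.34 dport=443 proc=cells
ts=2023-06-08T10:01:09Z src=10.20.0.5 dst=169.254.169.254 dport=80 proc=cells
ts=2023-06-08T10:01:15Z src=10.20.0.5 dst=10.20.0.9 dport=6379 proc=cells
ts=2023-06-08T10:01:20Z src=10.20.0.5 dst=10.20.0.7 dport=3306 proc=cells
ts=2023-06-08T10:01:31Z src=10.20.0.5 dst=127.0.0.1 dport=8080 proc=cells
ts=2023-06-08T10:01:40Z src=10.20.0.5 dst=10.20.0.9 dport=6379 proc=sshd`

// parseKV splits "k=v k=v ..." into a map.
func parseKV(line string) map[string]string {
	kv := map[string]string{}
	for _, field := range strings.Fields(line) {
		if k, v, ok := strings.Cut(field, "="); ok {
			kv[k] = v
		}
	}
	return kv
}

// classify names why a destination is unexpected for a user-driven download;
// empty means the address is public and unremarkable.
func classify(dst netip.Addr) string {
	dst = dst.Unmap() // treat ::ffff:a.b.c.d as a.b.c.d
	switch {
	case dst.IsLoopback():
		return "loopback"
	case dst.IsLinkLocalUnicast():
		return "link-local (cloud metadata range)"
	case dst.IsPrivate():
		return "private range"
	}
	return ""
}

// FlagSuspiciousEgress returns one Alert per connection made by the application
// process to a loopback, link-local or private address, except the internal
// backends listed in allowedInternal as "ip:port" (its own database, for instance).
func FlagSuspiciousEgress(log string, allowedInternal []string) []Alert {
	allow := map[string]bool{}
	for _, a := range allowedInternal {
		allow[a] = true
	}
	var alerts []Alert
	for _, line := range strings.Split(strings.TrimSpace(log), "\n") {
		kv := parseKV(line)
		if kv["proc"] != "cells" { // only the application's own connections
			continue
		}
		dst, err := netip.ParseAddr(kv["dst"])
		if err != nil {
			alerts = append(alerts, Alert{line, "unparseable dst"})
			continue
		}
		reason := classify(dst)
		if reason == "" || allow[kv["dst"]+":"+kv["dport"]] {
			continue
		}
		alerts = append(alerts, Alert{line, reason})
	}
	return alerts
}

func main() {
	for _, a := range FlagSuspiciousEgress(SampleEgressLog, []string{"10.20.0.7:3306"}) {
		fmt.Printf("%-34s %s\n", a.Reason, a.Line)
	}
}
```

On the constructed sample this flags the metadata request, the connection to the Redis port on another internal host, and the loopback connection, while the database connection on the allowlist and the unrelated sshd line pass. The same filter is what an egress policy would block at the boundary; running it over logs first tells you which legitimate internal destinations need allowlisting before the block goes in.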