Post a Reply
3706 views

TheHive Project Cortex 2.1.3 Server Side Request Forgery

  1. last year
    Edited last year by Men in Black

    h70.png

    TheHive Project Cortex versions 2.1.3 and below suffer from a server-side request forgery vulnerability.

    MD5 | a70988160dd0b438382262815f9829c5

    Download => thehivepc-ssrf.txt

    # Exploit Title: SSRF in TheHive Project Cortex <= 2.1.3
    # Date: 2/26/2019
    # Exploit Author: Alexandre Basquin
    # Vendor Homepage: https://blog.thehive-project.org
    # Software Link: https://github.com/TheHive-Project/Cortex
    # Version: Cortex <= 2.1.3
    # Tested on: 2.1.3
    # CVE : CVE-2019-7652
    
    # Exploit description
    
    TheHive Project Cortex version <= 2.1.3 is vulnerable to a SSRF vulnerability in the "UnshortenLink_1_0" analyzer.
    
    References:
    
    https://blog.thehive-project.org/2019/02/11/unshortenlink-ssrf-and-cortex-analyzers-1-15-2/
    
    
    
    POC:
    
    1. Create a new analysis
    
    2. Select Data Type "URL"
    
    3. Put your SSRF payload in the Data parameter (e.g. "http://127.0.0.1:22")
    
    4. Result can be seen in the main dashboard.
    
    
    Reported to TheHive Project by Alexandre Basquin on 1/24/2019
 

or Sign Up to reply!