CVERadar

CVE-2024-0304

Severity: Critical
Product: Youke365
SVRS: 84/100
CVSSv3: 9.8/10
EPSS: 0.00116/1 (about 0.1% predicted probability of exploitation activity in the next 30 days)

CVE-2024-0304 is a critical server-side request forgery (SSRF) vulnerability in Youke365 up to version 1.5.3. The flaw is in /app/api/controller/collect.php: the 'url' argument is handed to a server-side fetch without sufficient checks on where that request may go, so a remote attacker with no privileges and no user interaction (CVSS PR:N, UI:N) can make the server issue requests to destinations of the attacker's choosing, including loopback, internal-network and cloud-metadata addresses that are not reachable from outside. The SOCRadar Vulnerability Risk Score (SVRS) of 84 is above SOCRadar's critical threshold of 80, and the proof of concept has been published, so patching or mitigation should not wait. Note, however, that the EPSS value of 0.00116 is low and this page records no in-the-wild exploitation or IOCs; the SVRS reflects severity and public disclosure rather than observed attacks. Successful exploitation could expose internal services and data and give an attacker a pivot into the internal network.

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (network attack vector, low complexity, no privileges or user interaction required, unchanged scope, high confidentiality, integrity and availability impact)
Published: 2024-01-08
Last modified: 2024-05-17
SOCRadar AI Insight

Description:

CVE-2024-0304 is a critical vulnerability in Youke365 up to version 1.5.3 that allows server-side request forgery (SSRF). It is triggered by manipulating the 'url' argument handled by '/app/api/controller/collect.php' and can be exploited remotely without authentication. Because the server performs the attacker-chosen request, the impact depends on what the server itself can reach: exposure of internal services and data, modification of data on internal endpoints, or denial of service. A proof of concept has been publicly disclosed and may be in use.

Key Insights:

  1. Severity and Urgency: The SOCRadar Vulnerability Risk Score (SVRS) for CVE-2024-0304 is 84. SOCRadar treats scores above 80 as critical, so this vulnerability sits in the band that calls for immediate action; the CVSSv3 base score of 9.8 points the same way.

  2. Attack Vector and Impact: The vulnerability allows an attacker to perform SSRF attacks, enabling them to send crafted requests to internal systems or external resources on behalf of the affected server. This could lead to sensitive data exposure, unauthorized access to internal networks, or disruption of critical services.

  3. Exploit Availability: The exploit for CVE-2024-0304 has been publicly disclosed, increasing the risk of exploitation. Attackers may have already developed tools or scripts to exploit this vulnerability, making it easier for them to target vulnerable systems.

  4. Affected Software: Youke365 up to version 1.5.3 is affected by this vulnerability. Users and organizations running this software version are at risk and should take immediate action to mitigate the threat.

Mitigation Strategies:

  1. Update Software: The most effective mitigation is to update Youke365 to a release in which the vendor has fixed the handling of the 'url' argument in collect.php. No fixed version is listed on this page or in the references, so confirm the fix against the vendor's changelog before relying on an upgrade; until a fixed build is deployed, treat the collect endpoint as exposed and apply the compensating controls below.

  2. Restrict Fetch Destinations: Do not rely on pattern-matching the 'url' argument; SSRF filters that blocklist strings are routinely bypassed with alternate address encodings, redirects and DNS rebinding. Instead, allowlist the schemes (http/https) and the destination hosts the collector legitimately needs, resolve the host and refuse any address in loopback, private, link-local (including the cloud metadata address 169.254.169.254) or otherwise reserved ranges, connect to the address you resolved rather than letting the HTTP client resolve again, and re-check every redirect target. Putting the collect endpoint behind authentication also removes the no-privileges condition that drives the 9.8 score.

  3. Monitor Network Traffic: Look for requests to /app/api/controller/collect.php whose 'url' parameter points at loopback, RFC 1918, link-local or metadata addresses, or at hosts the collector never normally fetches from, and for outbound connections from the web server to internal hosts or the metadata service that it has no business contacting. Deny-by-default egress filtering on the web server, allowing only the few legitimate fetch destinations, both limits the blast radius and turns attempts into firewall log entries you can alert on.

  4. Inform Operators: This is a server-side flaw, so end-user awareness does not prevent it; the people to brief are the administrators running Youke365 instances. Make sure they know the affected version range, the endpoint involved, and the internal channel for reporting suspicious collect.php activity or a suspected compromise.
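A worked version of mitigations 2 and 3 above, added here as an example; it is not code from Youke365, SOCRadar or the disclosure. It assumes a constructed allowlist of fetch origins, a resolver function that the caller injects (so the example runs offline), and constructed access-log lines; the function and constant names are the example's own.

```python
"""SSRF guard for a URL-fetching endpoint, plus an access-log check for the
same pattern. Added example, not Youke365 code; all inputs are constructed."""
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Constructed allowlist: the only origins the collector is meant to fetch from.
ALLOWED_HOSTS = {"img.example-cdn.test", "api.example-partner.test"}
ALLOWED_SCHEMES = {"http", "https"}
COLLECT_PATH = "/app/api/controller/collect.php"  # endpoint named in the CVE


def is_blocked_ip(ip_text):
    """True for addresses an outbound fetch must never reach.
    Raises ValueError when ip_text is not an IP literal."""
    ip = ipaddress.ip_address(ip_text)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # judge ::ffff:127.0.0.1 as 127.0.0.1
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_target(url):
    """Network-free checks on a user-supplied fetch URL.
    Returns (hostname, None) when acceptable, else (None, reason)."""
    try:
        parts = urlsplit(url)
    except ValueError as exc:
        return None, f"unparseable url: {exc}"
    if parts.scheme not in ALLOWED_SCHEMES:
        return None, f"scheme not allowed: {parts.scheme!r}"
    if parts.username is not None or parts.password is not None:
        return None, "userinfo in url"
    host = parts.hostname
    if not host:
        return None, "missing host"
    try:
        blocked = is_blocked_ip(host)
    except ValueError:
        blocked = None  # a name, not an address literal
    if blocked is not None:
        kind = "internal" if blocked else "not in allowlist"
        return None, f"literal address {kind}: {host}"
    if host.rstrip(".") not in ALLOWED_HOSTS:
        return None, f"host not in allowlist: {host}"
    return host, None


def validate_fetch_url(url, resolve):
    """Full check including DNS. resolve(host) returns the addresses the fetch
    would connect to. Returns (pinned_ip, None) or (None, reason)."""
    host, reason = check_target(url)
    if reason:
        return None, reason
    addrs = resolve(host)
    if not addrs:
        return None, f"no address for {host}"
    for addr in addrs:
        if is_blocked_ip(addr):
            return None, f"{host} resolves to internal address {addr}"
    # Connect to this exact address and send Host: <host>; letting the HTTP
    # client resolve again would reopen the DNS-rebinding window.
    return addrs[0], None


def system_resolver(host):
    """Production resolver; the example injects a fake one to stay offline."""
    import socket
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})


# Detection side: run the same check over web-server access logs.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def scan_access_log(lines):
    """Return (line_number, fetched_url, reason) for collect.php requests whose
    url parameter would have failed check_target."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        req = urlsplit(m.group("target"))
        if req.path != COLLECT_PATH:
            continue
        for fetched in parse_qs(req.query).get("url", []):
            _, reason = check_target(fetched)
            if reason:
                findings.append((lineno, fetched, reason))
    return findings


# Constructed access-log lines in combined format (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Jan/2024:10:15:22 +0000] "GET /app/api/controller/collect.php'
    '?url=https%3A%2F%2Fimg.example-cdn.test%2Fa.png HTTP/1.1" 200 512',
    '203.0.113.7 - - [08/Jan/2024:10:15:40 +0000] "GET /app/api/controller/collect.php'
    '?url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data%2F HTTP/1.1" 200 512',
    '198.51.100.9 - - [08/Jan/2024:10:16:01 +0000] "GET /app/api/controller/collect.php'
    '?url=http%3A%2F%2F%5B%3A%3Affff%3A127.0.0.1%5D%3A8080%2Fadmin HTTP/1.1" 200 88',
    '198.51.100.9 - - [08/Jan/2024:10:16:30 +0000] "GET /index.php HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding)
```

The request handler would call validate_fetch_url with system_resolver, then open the connection to the pinned address with a Host header for the allowlisted name and with redirects disabled (or each redirect target passed back through validate_fetch_url). The log scan only sees GET parameters: a 'url' value sent in a POST body does not appear in a standard access log, so for that case the same check belongs in the application log or in egress firewall logs.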

Additional Information:

  • If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

No news found for this CVE

Social Media

No tweets found for this CVE

Affected Software

Configuration 1
Type | Vendor   | Product
App  | Youke365 | youke_365

References

Reference | Link
[email protected] | https://note.zhaoj.in/share/3jF3Xpl3ttlZ
[email protected] | https://vuldb.com/?ctiid.249871
[email protected] | https://vuldb.com/?id.249871

CWE Details

CWE ID | CWE Name | Description
CWE-918 | Server-Side Request Forgery (SSRF) | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
