Unrated severityNVD Advisory· Published Sep 19, 2019· Updated Aug 5, 2024
CVE-2019-15033
CVE-2019-15033
Description
Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a remote server, as demonstrated by the file=http%3A%2F%2F192.168.1.2 substring.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Pydio/Pydiodescription
Patches
Vulnerability mechanics
References
3- heitorgouvea.me/2019/09/17/CVE-2019-15033mitrex_refsource_MISC
- pydio.commitrex_refsource_MISC
- sourceforge.net/projects/ajaxplorer/files/pydio/stable-channel/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.