CVE-2023-42282

The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html	Exploit Third Party Advisory
https://github.com/indutny/node-ip/commit/6a3ada9b471b09d5f0f5be264911ab564bf67894	Patch
https://huntr.com/bounties/bfc3b23f-ddc0-4ee7-afab-223b07115ed3/	Exploit Technical Description
https://security.netapp.com/advisory/ntap-20240315-0008/	Third Party Advisory
https://www.bleepingcomputer.com/news/security/dev-rejects-cve-severity-makes-his-github-repo-read-only/

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fedorindutny:ip::::::node.js::*
	cpe:2.3:a:fedorindutny:ip:2.0.0:::::node.js::

History

No history.

Information

Published : 2024-02-08 17:15

Updated : 2024-07-03 22:15

NVD link : CVE-2023-42282

Mitre link : CVE-2023-42282

CVE.ORG link : CVE-2023-42282

JSON object : View

Products Affected

fedorindutny

ip

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2023-42282", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-02-08T17:15:10.840", "references": [{"url": "https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/indutny/node-ip/commit/6a3ada9b471b09d5f0f5be264911ab564bf67894", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://huntr.com/bounties/bfc3b23f-ddc0-4ee7-afab-223b07115ed3/", "tags": ["Exploit", "Technical Description"], "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20240315-0008/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.bleepingcomputer.com/news/security/dev-rejects-cve-severity-makes-his-github-repo-read-only/", "source": "cve@mitre.org"}], "vulnStatus": "Undergoing Analysis", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic."}, {"lang": "es", "value": "Un problema en el paquete IP NPM v.1.1.8 y anteriores permite a un atacante ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s de la funci\u00f3n isPublic()."}], "lastModified": "2024-07-03T22:15:02.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fedorindutny:ip:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "5E811BCA-8109-4EA6-ACCC-7D7A6BCD6BB1", "versionEndIncluding": "1.1.8"}, {"criteria": "cpe:2.3:a:fedorindutny:ip:2.0.0:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "45CEC4AC-81A3-4E86-A25C-292D4755A13F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}