CVE-2024-0308: CWE-918 Server-Side Request Forgery in Inis
A vulnerability was found in Inis up to 2.0.1. It has been rated as critical. This issue affects some unknown processing of the file app/api/controller/default/Proxy.php. The manipulation of the argument p_url leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249875.
AI Analysis
Technical Summary
CVE-2024-0308 is a Server-Side Request Forgery (SSRF) vulnerability identified in the Inis software versions up to 2.0.1. The vulnerability arises from improper handling of the 'p_url' parameter in the file app/api/controller/default/Proxy.php. An attacker can manipulate this parameter to coerce the server into making unintended HTTP requests to arbitrary locations. SSRF vulnerabilities enable attackers to bypass network access controls, potentially accessing internal systems, sensitive data, or services that are otherwise inaccessible externally. The vulnerability is remotely exploitable without user interaction but requires some level of privileges (PR:L) on the system, as indicated by the CVSS vector. The CVSS score of 6.3 (medium severity) reflects the moderate impact on confidentiality, integrity, and availability, with low attack complexity and no user interaction needed. Although no public exploits are currently known in the wild, the vulnerability has been publicly disclosed, increasing the risk of exploitation. The lack of available patches at the time of disclosure means that affected organizations must rely on mitigation strategies until official fixes are released. SSRF vulnerabilities like this can be leveraged to perform internal reconnaissance, access metadata services, or pivot to other internal resources, posing significant risks especially in cloud or segmented network environments.
Potential Impact
For European organizations using Inis versions 2.0.0 or 2.0.1, this SSRF vulnerability could lead to unauthorized internal network access, data leakage, or disruption of services. Given the ability to manipulate server requests, attackers might exploit this flaw to reach internal APIs, databases, or cloud metadata endpoints, potentially exposing sensitive information or enabling further attacks. Critical infrastructure, financial institutions, and government agencies in Europe that rely on Inis for internal or external services could face confidentiality breaches or service interruptions. The medium severity rating suggests that while the vulnerability is not trivially exploitable by unauthenticated attackers, the requirement for some privileges limits the attack surface somewhat. However, once exploited, the attacker could escalate their access or move laterally within the network, increasing the overall risk. The public disclosure of the vulnerability also raises the urgency for European organizations to assess their exposure and implement mitigations promptly to avoid targeted attacks.
Mitigation Recommendations
European organizations should immediately audit their Inis installations to identify affected versions (2.0.0 and 2.0.1). In the absence of an official patch, organizations should implement strict input validation and sanitization on the 'p_url' parameter to restrict requests to trusted domains or internal endpoints. Network-level controls such as egress filtering and segmentation should be enforced to limit the server's ability to make arbitrary outbound requests. Employing web application firewalls (WAFs) with custom rules to detect and block suspicious SSRF patterns can provide additional protection. Monitoring server logs for unusual outbound requests originating from the vulnerable endpoint can help detect exploitation attempts early. Privilege management should be reviewed to minimize the number of users or processes with the required privileges to exploit this vulnerability. Finally, organizations should stay alert for official patches or updates from Inis and apply them promptly once available.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Belgium, Sweden, Finland
CVE-2024-0308: CWE-918 Server-Side Request Forgery in Inis
Description
A vulnerability was found in Inis up to 2.0.1. It has been rated as critical. This issue affects some unknown processing of the file app/api/controller/default/Proxy.php. The manipulation of the argument p_url leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249875.
AI-Powered Analysis
Technical Analysis
CVE-2024-0308 is a Server-Side Request Forgery (SSRF) vulnerability identified in the Inis software versions up to 2.0.1. The vulnerability arises from improper handling of the 'p_url' parameter in the file app/api/controller/default/Proxy.php. An attacker can manipulate this parameter to coerce the server into making unintended HTTP requests to arbitrary locations. SSRF vulnerabilities enable attackers to bypass network access controls, potentially accessing internal systems, sensitive data, or services that are otherwise inaccessible externally. The vulnerability is remotely exploitable without user interaction but requires some level of privileges (PR:L) on the system, as indicated by the CVSS vector. The CVSS score of 6.3 (medium severity) reflects the moderate impact on confidentiality, integrity, and availability, with low attack complexity and no user interaction needed. Although no public exploits are currently known in the wild, the vulnerability has been publicly disclosed, increasing the risk of exploitation. The lack of available patches at the time of disclosure means that affected organizations must rely on mitigation strategies until official fixes are released. SSRF vulnerabilities like this can be leveraged to perform internal reconnaissance, access metadata services, or pivot to other internal resources, posing significant risks especially in cloud or segmented network environments.
Potential Impact
For European organizations using Inis versions 2.0.0 or 2.0.1, this SSRF vulnerability could lead to unauthorized internal network access, data leakage, or disruption of services. Given the ability to manipulate server requests, attackers might exploit this flaw to reach internal APIs, databases, or cloud metadata endpoints, potentially exposing sensitive information or enabling further attacks. Critical infrastructure, financial institutions, and government agencies in Europe that rely on Inis for internal or external services could face confidentiality breaches or service interruptions. The medium severity rating suggests that while the vulnerability is not trivially exploitable by unauthenticated attackers, the requirement for some privileges limits the attack surface somewhat. However, once exploited, the attacker could escalate their access or move laterally within the network, increasing the overall risk. The public disclosure of the vulnerability also raises the urgency for European organizations to assess their exposure and implement mitigations promptly to avoid targeted attacks.
Mitigation Recommendations
European organizations should immediately audit their Inis installations to identify affected versions (2.0.0 and 2.0.1). In the absence of an official patch, organizations should implement strict input validation and sanitization on the 'p_url' parameter to restrict requests to trusted domains or internal endpoints. Network-level controls such as egress filtering and segmentation should be enforced to limit the server's ability to make arbitrary outbound requests. Employing web application firewalls (WAFs) with custom rules to detect and block suspicious SSRF patterns can provide additional protection. Monitoring server logs for unusual outbound requests originating from the vulnerable endpoint can help detect exploitation attempts early. Privilege management should be reviewed to minimize the number of users or processes with the required privileges to exploit this vulnerability. Finally, organizations should stay alert for official patches or updates from Inis and apply them promptly once available.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2024-01-07T20:11:41.254Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 683f0dc2182aa0cae27ff41e
Added to database: 6/3/2025, 2:59:14 PM
Last enriched: 7/3/2025, 11:57:29 PM
Last updated: 7/28/2025, 10:04:56 AM
Views: 8
Related Threats
CVE-2025-8958: Stack-based Buffer Overflow in Tenda TX3
HighCVE-2025-8957: SQL Injection in Campcodes Online Flight Booking Management System
MediumCVE-2025-54707: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in RealMag777 MDTF
CriticalCVE-2025-54706: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Noor Alam Magical Posts Display
MediumCVE-2025-54705: CWE-862 Missing Authorization in magepeopleteam WpEvently
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.