Miggo Logo

CVE-2024-21498: Server-Side Request Forgery in github.com/greenpau/caddy-security

5.3

CVSS Score
3.1

Basic Information

EPSS Score
0.2585%
Published
2/17/2024
Updated
8/2/2024
KEV Status
No
Technology
TechnologyGo

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
github.com/greenpau/caddy-securitygo<= 1.1.23

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper handling of the X-Forwarded-Host header in two key areas: QR code generation and redirect logic. The GitHub issue (#269) explicitly references code in respond_qrcode.go (line 38) and redirect.go (lines 69-101) where these headers are processed. The Trail of Bits blog confirms these functions use untrusted headers to construct security-sensitive URLs without validation, creating SSRF vectors. Both functions directly process attacker-controlled headers to determine system behavior, meeting the criteria for SSRF vulnerability root causes.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ll v*rsions o* t** p**k*** *it*u*.*om/*r**np*u/****y-s**urity *r* vuln*r**l* to S*rv*r-si** R*qu*st *or**ry (SSR*) vi* X-*orw*r***-*ost *****r m*nipul*tion. *n *tt**k*r **n *xpos* s*nsitiv* in*orm*tion, int*r**t wit* int*rn*l s*rvi**s, or *xploit ot

Reasoning

T** vuln*r**ility st*ms *rom improp*r **n*lin* o* t** X-*orw*r***-*ost *****r in two k*y *r**s: QR *o** **n*r*tion *n* r**ir**t lo*i*. T** *it*u* issu* (#***) *xpli*itly r***r*n**s *o** in r*spon*_qr*o**.*o (lin* **) *n* r**ir**t.*o (lin*s **-***) w*