CVE-2016-7964: SSRF
First published: Mon Oct 31 2016(Updated: )
The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and 192.168.0.0/16.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| DokuWiki | =2016-06-26a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-7964?
CVE-2016-7964 is classified as a medium severity vulnerability due to its potential for SSRF attacks.
How do I fix CVE-2016-7964?
To fix CVE-2016-7964, upgrade to the latest version of DokuWiki to ensure that private network access restrictions are in place.
What does CVE-2016-7964 allow an attacker to do?
CVE-2016-7964 allows an attacker to perform server-side request forgery (SSRF) attacks to scan internal network ports.
Which versions of DokuWiki are affected by CVE-2016-7964?
CVE-2016-7964 affects DokuWiki version 2016-06-26a and earlier.
Is there a way to mitigate the risks of CVE-2016-7964 without upgrading?
Mitigation options without upgrading may include disabling media file fetching or implementing firewall rules to restrict outgoing requests.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dokuwiki
- canonical/dokuwiki
- version/dokuwiki/2016-06-26a