Unauthenticated WebSocket SSRF Vulnerability in Portainer

Unauthenticated WebSocket SSRF Vulnerability in Portainer

CVE-2018-12678 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks.

Learn more about our Web App Pen Testing.