CVE-2023-27163
Description
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
Severity: MEDIUM
CVE ID: CVE-2023-27163
CVSS Score: 6.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Proof Of Concept
entr0pie
Proof-of-Concept for Server Side Request Forgery (SSRF) in request-baskets (<= v.1.2.1)
Refrence: GitHub
seanrdev
To assist in enumerating the webserver behind the webserver SSRF CVE-2023-27163
Refrence: GitHub
overgrowncarrot1
CVE-2023-27163
Refrence: GitHub
ThickCoco
Poc of SSRF for Request-Baskets (CVE-2023-27163)
Refrence: GitHub
davuXVI
PoC CVE-2023-27163, SSRF, request-baskets hasta v1.2.1
Refrence: GitHub
HusenjanDev
Requests Baskets (CVE-2023-27163) and Mailtrail v0.53
Refrence: GitHub
rvizx
CVE-2023-27163 - Request Baskets SSRF
Refrence: GitHub
thomas-osgood
Golang PoC for CVE-2023-27163 Mailtrail Exploit
Refrence: GitHub
cowsecurity
CVE-2023-27163 Request-Baskets v1.2.1 - Server-side request forgery (SSRF)
Refrence: GitHub
samh4cks
A tool to perform port scanning using vulnerable Request-Baskets
Refrence: GitHub
Hamibubu
Python implementation of CVE-2023-27163
Refrence: GitHub
KharimMchatta
this is a script that exploits the CVE-2023-27163 vulnerability which is request-basket SSRF
Refrence: GitHub
MasterCode112
Proof of Concept for Server Side Request Forgery (SSRF) in request-baskets (V<= v.1.2.1)
Refrence: GitHub
Rubioo02
A exploit for the CVE-2023-27163 (SSRF) vulnerability in the web application request-baskets (<= v.1.2.1)
Refrence: GitHub
madhavmehndiratta
PoC for SSRF in request-baskets v1.2.1 (CVE-2023-27163)
Refrence: GitHub