Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
txtdot SSRF vulnerability in /proxy
Vulnerability Description
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery (SSRF) vulnerability in the `/proxy` route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network. Version 1.6.1 patches the issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
TxtDot 安全漏洞
Vulnerability Description
TxtDot是TxtDot开源的一个 HTTP 代理。 TxtDot 1.4.0版本至1.6.1之前版本存在安全漏洞。远程攻击者利用该漏洞使用服务器作为代理向任意目标发送HTTP GET请求,并在内部网络中检索信息。
CVSS Information
N/A
Vulnerability Type
N/A