CVE-2022-40305

Server-Side Request Forgery (SSRF) in npm/canto

Identifiers

CVE-2022-40305

Package Slug

npm/canto

Vulnerability

Server-Side Request Forgery (SSRF)

Description

A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form.

Affected Versions

All versions up to 11.1.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-09-12

source