Server Side Request Forgery

Server Side Request Forgery (SSRF) happens when untrusted input is used to construct requests to other resources, potentially on internal or external networks. SSRF can allow for unauthorised access to internal systems, data leakage, and in some cases, remote code execution.

Remediation

Where possible do not use untrusted input in a HTTP call.
Do not use string concatination to add utrusted input to parts of the URL.
Parse the URL using a safe library and check the parsed URL against a whitelist.

Metadata

Severity: medium
Slug: server-side-request-forgery

CWEs

918: Server-Side Request Forgery (SSRF)
639: Authorization Bypass Through User-Controlled Key
200: Exposure of Sensitive Information to an Unauthorized Actor

OWASP

A10:2021: Server-Side Request Forgery
API7:2023: Server-Side Request Forgery (SSRF)

Available Labs

Open Go labs in SecDim Play for this vulnerability.

easy

SSRF.go

Go Easy

hard

Capital0.go

Go Hard Signature

Play AppSec WarGames

Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.

For Companies Play Now

Got a comment?

Join our secure coding and AppSec community. A discussion board to share and discuss all aspects of secure programming, AppSec, DevSecOps, fuzzing, cloudsec, AIsec code review, and more.