CVE-2026-54562
Gravedad CVSS v3.1:
MEDIA
Tipo:
CWE-918
Falsificación de solicitud en servidor (SSRF)
Fecha de publicación:
15/07/2026
Última modificación:
15/07/2026
Descripción
*** Pendiente de traducción *** Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, Cloudreve's remote download workflow accepts user-supplied URLs at POST /api/v4/workflow/download and passes them to the configured downloader without blocking loopback, localhost, IPv6 localhost, or redirect-to-loopback targets, allowing a non-admin user with remote download permission to fetch internal-only URLs and read the response after it is imported into the user's own files. This issue is fixed in version 4.16.1.
Impacto
Puntuación base 3.x
6.50
Gravedad 3.x
MEDIA
Referencias a soluciones, herramientas e información
- https://github.com/cloudreve/cloudreve/commit/aaebf317a78f2413d74afd66c21a1f3143711312
- https://github.com/cloudreve/cloudreve/releases/tag/4.16.1
- https://github.com/cloudreve/cloudreve/security/advisories/GHSA-x756-g4x3-c64m
- https://github.com/cloudreve/cloudreve/security/advisories/GHSA-x756-g4x3-c64m



