

CVE-2023-27163

Description

request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.

POC

Reference

- http://packetstormsecurity.com/files/174128/Request-Baskets-1.2.1-Server-Side-Request-Forgery.html

- http://packetstormsecurity.com/files/174129/Maltrail-0.53-Remote-Code-Execution.html

- https://gist.github.com/b33t1e/3079c10c88cad379fb166c389ce3b7b3

Github

- https://github.com/0xFTW/CVE-2023-27163

- https://github.com/0xabdoulaye/CTFs-Journey

- https://github.com/20142995/nuclei-templates

- https://github.com/Aledangelo/Sau_Writeup

- https://github.com/EssenceCyber/Exploit-List

- https://github.com/G4sp4rCS/htb-sau-automated

- https://github.com/Hamibubu/CVE-2023-27163

- https://github.com/HusenjanDev/CVE-2023-27163-AND-Mailtrail-v0.53

- https://github.com/J0ey17/Exploit_CVE-2023-27163

- https://github.com/Jaenact/2025_OSSCA_challenge

- https://github.com/JustKhal/HackTheBox-Sau

- https://github.com/Khalidhaimur/exploit-request-baskets-1.2.1

- https://github.com/KharimMchatta/basketcraft

- https://github.com/MasterCode112/CVE-2023-27163

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/Rishabh-Kumar-Cyber-Sec/CVE-2023-27163-ssrf-to-port-scanning

- https://github.com/Rubioo02/CVE-2023-27163

- https://github.com/ThickCoco/CVE-2023-27163-POC

- https://github.com/abrahim7112/Vulnerability-checking-program-for-Android

- https://github.com/bl4ckarch/ssrf_to_rce_sau

- https://github.com/btar1gan/exploit_CVE-2023-27163

- https://github.com/cowsecurity/CVE-2023-27163

- https://github.com/davuXVI/CVE-2023-27163

- https://github.com/entr0pie/CVE-2023-27163

- https://github.com/fkie-cad/nvd-json-data-feeds

- https://github.com/hadrian3689/requests-baskets_1.2.1

- https://github.com/infcodev/pentesting_scripts

- https://github.com/josephberger/CVE-2023-27163

- https://github.com/lukehebe/CVE-2023-27163

- https://github.com/madhavmehndiratta/CVE-2023-27163

- https://github.com/mathias-mrsn/request-baskets-v121-ssrf

- https://github.com/mathias-mrsn/sau

- https://github.com/mylovemyon/memo

- https://github.com/nenandjabhata/CTFs-Journey

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/overgrowncarrot1/CVE-2023-27163

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/rvizx/CVE-2023-27163

- https://github.com/samh4cks/CVE-2023-27163-InternalProber

- https://github.com/seanrdev/cve-2023-27163

- https://github.com/szmpns/HackTheBox-Writeups

- https://github.com/theopaid/CVE-2023-27163-Request-Baskets-Local-Ports-Bruteforcer

- https://github.com/thomas-osgood/CVE-2023-27163

- https://github.com/zulloper/cve-poc