CVE-2022-0339

9.8 CRITICAL

📋 TL;DR

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in calibre-web versions prior to 0.6.16. Attackers can exploit this to make the server send arbitrary HTTP requests to internal systems, potentially accessing sensitive data or services. All users running vulnerable versions of calibre-web are affected.

💻 Affected Systems

Products:
  • calibre-web
Versions: All versions prior to 0.6.16
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations regardless of configuration. The vulnerability is in the core functionality.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of internal network services, data exfiltration from internal systems, and potential lateral movement to other critical infrastructure.

🟠 Likely Case

Unauthorized access to internal HTTP services, metadata harvesting from internal endpoints, and potential credential theft from internal APIs.

🟢 If Mitigated

Limited to port scanning of internal services if proper network segmentation and egress filtering are implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to the calibre-web interface. The fix commit shows the vulnerability was in URL validation logic.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.6.16

Vendor Advisory: https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92

Restart Required: Yes

Instructions:

1. Backup your current calibre-web installation and database.
2. Stop the calibre-web service.
3. Update to version 0.6.16 or later using pip: pip install --upgrade calibreweb
4. Restart the calibre-web service.
5. Verify the version is 0.6.16 or higher.

🔧 Temporary Workarounds

Network Segmentation

Platform: linux

Restrict the calibre-web server's outbound network access to only necessary services. Note that the rules below drop every outbound HTTP/HTTPS connection from the host (including pip updates and metadata lookups) and do not cover internal services listening on other ports, so add ACCEPT rules for required destinations ahead of them and extend the filter to the internal ranges you need to protect.

# Run on the calibre-web host; drops all outbound HTTP and HTTPS from this machine
iptables -A OUTPUT -p tcp --dport 80 -j DROP
iptables -A OUTPUT -p tcp --dport 443 -j DROP

Authentication Hardening

Platform: all

Implement strong authentication requirements and limit user privileges.

🧯 If You Can't Patch

  • Implement strict network egress filtering to block all outbound HTTP/HTTPS traffic from the calibre-web server
  • Place calibre-web behind a reverse proxy with strict URL validation and request filtering
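As an added example (not calibre-web's own code and not the fix commit), this is the kind of outbound-URL check a reverse proxy or the application itself can apply before fetching a user-supplied URL: it judges every address the host resolves to rather than the host string, rejects non-public ranges, and unwraps IPv4-mapped IPv6 literals. The function and helper names are assumed, and the stub resolver is constructed so the example runs offline.

```python
import ipaddress
import socket
from typing import Callable, Iterable, List
from urllib.parse import urlsplit

def system_resolve(host: str) -> List[str]:
    # Every A/AAAA answer from the OS resolver (hypothetical helper name)
    return [i[4][0] for i in socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)]

def is_safe_fetch_url(url: str, resolve: Callable[[str], Iterable[str]] = system_resolve) -> bool:
    """True only for http(s) URLs whose host resolves solely to public addresses."""
    parts = urlsplit(url)
    host = parts.hostname            # lower-cased, IPv6 brackets stripped
    if parts.scheme not in ("http", "https") or not host:
        return False
    if parts.username or parts.password:   # credentials in the URL are never needed here
        return False
    try:
        ipaddress.ip_address(host)
        addrs = [host]               # plain IP literal, no lookup needed
    except ValueError:
        # Shorthand hosts like "127.1" are rejected by ipaddress but accepted by the
        # OS resolver, so they land here and are judged by what they resolve to.
        try:
            addrs = list(resolve(host))
        except (socket.gaierror, OSError):
            return False
    if not addrs:
        return False
    for addr in addrs:               # every answer must be public, not just the first
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            return False
        if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped      # ::ffff:10.0.0.5 is really 10.0.0.5
        if not ip.is_global:         # loopback, private, link-local, CGNAT, unspecified
            return False
    # Caveat: validating now and fetching later leaves a DNS-rebinding window; the
    # fetch should connect to the vetted address rather than re-resolving the name.
    return True

# Constructed stub resolver so the example runs offline; not real DNS data.
STUB_DNS = {"localhost": ["127.0.0.1", "::1"], "intranet.example": ["10.1.2.3"],
            "public.example": ["93.184.216.34"], "mixed.example": ["93.184.216.34", "192.168.1.10"]}

def stub_resolve(host: str) -> List[str]:
    return STUB_DNS.get(host, [])
```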

🔍 How to Verify

Check if Vulnerable:

Check if calibre-web version is below 0.6.16. The vulnerability exists in all versions prior to this.

Check Version:

pip show calibreweb | grep Version

Verify Fix Applied:

Verify the installed version is 0.6.16 or higher and test that SSRF attempts are properly blocked.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from calibre-web server
  • Requests to internal IP addresses or localhost from calibre-web

Network Indicators:

  • HTTP traffic from calibre-web server to unexpected internal services
  • Port scanning patterns originating from calibre-web server

SIEM Query:

source="calibre-web" AND (dest_ip=10.0.0.0/8 OR dest_ip=172.16.0.0/12 OR dest_ip=192.168.0.0/16 OR dest_ip=127.0.0.0/8)

🔗 References