CVE-2022-24568

9.8 CRITICAL

📋 TL;DR

CVE-2022-24568 is a Server-Side Request Forgery (SSRF) vulnerability in Novel-plus v3.6.0 that allows attackers to make arbitrary HTTP requests from the vulnerable server. This can lead to internal network reconnaissance, data exfiltration, or attacks against internal services. All users running Novel-plus v3.6.0 are affected.

💻 Affected Systems

Products:
  • Novel-plus
Versions: v3.6.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only Novel-plus v3.6.0 is confirmed affected. Earlier versions may also be vulnerable, but this has not been confirmed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could pivot to internal systems, access cloud metadata services, perform port scanning, or launch attacks against internal infrastructure using the server as a proxy.

🟠 Likely Case

Attackers will use the vulnerability to scan internal networks, access internal web applications, or retrieve sensitive data from internal APIs.

🟢 If Mitigated

With proper network segmentation and egress filtering, impact is limited to the local server environment and adjacent systems.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SSRF vulnerabilities are commonly exploited and weaponized. The GitHub issue shows proof of concept exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v3.6.1 or later

Vendor Advisory: https://github.com/201206030/novel-plus/issues/80

Restart Required: Yes

Instructions:

1. Back up your Novel-plus installation and database.
2. Download the latest version from the official repository.
3. Replace the vulnerable files with the patched versions.
4. Restart the Novel-plus application server.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Implement strict input validation to reject URLs pointing to internal IP ranges or localhost.
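The filter described above, as an added example (not Novel-plus code): a destination check that resolves the hostname first and rejects any URL whose host lands on a loopback, private, link-local (cloud metadata), multicast or reserved address. The function and field names are this example's own; the resolver parameter exists so the check can be exercised with a constructed DNS answer.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Added example, not Novel-plus code: destination check for a server-side
# feature that fetches a user-supplied URL. Hostnames are resolved first, so
# names pointing at internal hosts are rejected as well as IP literals.

ALLOWED_SCHEMES = {"http", "https"}

def default_resolver(host):
    # Every address the name resolves to; getaddrinfo also expands shorthand
    # forms such as 127.1 or 2130706433 to 127.0.0.1.
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_public_address(addr):
    """False for loopback, RFC 1918, link-local (includes the 169.254.169.254
    cloud metadata address), multicast, reserved and unspecified addresses."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)

def validate_outbound_url(url, resolver=default_resolver):
    """Return (ok, reason); ok only for an http(s) URL without embedded
    credentials whose host resolves solely to public addresses."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if parts.username is not None or parts.password is not None:
        return False, "credentials in URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        addrs = {str(ipaddress.ip_address(host))}  # IP literal, no lookup
    except ValueError:
        try:
            addrs = resolver(host)
        except (OSError, ValueError):
            addrs = set()
    if not addrs:
        return False, "hostname does not resolve"
    for addr in sorted(addrs):
        if not is_public_address(addr):
            return False, "resolves to non-public address " + addr
    return True, "ok"
```

Apply the same check to every redirect target, and connect to the address that was validated rather than re-resolving the name, otherwise a DNS answer that changes between check and use slips past it.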

Network Egress Filtering

Platform: linux

Configure firewall rules to restrict outbound HTTP/HTTPS traffic from the Novel-plus server. Note that the two rules below drop all outbound TCP traffic to ports 80 and 443 from the host, including legitimate traffic, so any destinations the server must reach need to be allowed by rules placed before them; they also do not stop requests to internal services listening on other ports.

iptables -A OUTPUT -p tcp --dport 80 -j DROP
iptables -A OUTPUT -p tcp --dport 443 -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the Novel-plus server from internal networks
  • Deploy a web application firewall (WAF) with SSRF protection rules

🔍 How to Verify

Check if Vulnerable:

Check if Novel-plus version is 3.6.0 by examining the application files or configuration

Check Version:

Check the version.txt file or application configuration files

Verify Fix Applied:

Verify that the application version is 3.6.1 or later and confirm that SSRF test payloads no longer succeed.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from the Novel-plus server
  • Requests to internal IP addresses or localhost

Network Indicators:

  • HTTP traffic from Novel-plus server to unexpected internal destinations
  • Port scanning activity originating from the server

SIEM Query:

source="novel-plus" AND (dest_ip=10.0.0.0/8 OR dest_ip=172.16.0.0/12 OR dest_ip=192.168.0.0/16 OR dest_ip=169.254.0.0/16 OR dest_ip=127.0.0.1)

The query is generic; adapt the source name, field names and CIDR syntax to your SIEM. The 169.254.0.0/16 range covers the cloud metadata services named above.
