CVE-2024-46468

7.5 HIGH

📋 TL;DR

This Server-Side Request Forgery (SSRF) vulnerability in JPress allows attackers to make the vulnerable server send requests to internal or external systems, potentially accessing sensitive information. It affects all JPress installations running version 5.1.1 or earlier. Attackers can exploit this to read internal network resources or cloud metadata.

💻 Affected Systems

Products:
  • JPress
Versions: <= v5.1.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All JPress installations with the vulnerable component enabled are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker accesses cloud instance metadata (IAM credentials, secrets), internal network services, or sensitive backend systems, leading to full system compromise.

🟠

Likely Case

Information disclosure from internal services, cloud metadata exposure, or limited internal network reconnaissance.

🟢

If Mitigated

Limited to error messages or failed requests if proper network segmentation and input validation are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept available in a GitHub gist. Exploitation requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v5.1.2 or later

Vendor Advisory: https://github.com/JPressProjects/jpress/issues/190

Restart Required: Yes

Instructions:

1. Backup your JPress installation and database.
2. Download JPress v5.1.2 or later from the official repository.
3. Replace existing JPress files with the patched version.
4. Restart the JPress application server.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Implement strict URL validation to reject SSRF attempts

Implement regex validation for URLs: ^https?:\/\/([a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,})(:[0-9]+)?(\/.*)?$
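The regex above only checks that the host looks like a DNS name: a literal 169.254.169.254 is rejected, but a hostname that resolves to that address or to an RFC 1918 range still passes. The validator below is an added example (not JPress code) that reproduces the page's regex as PAGE_REGEX for comparison, then resolves the host and rejects any URL whose addresses fall in blocked ranges; the hostnames and DNS answers in CONSTRUCTED_DNS are constructed so it runs offline.

```python
import ipaddress
import re
import socket
from urllib.parse import urlsplit

# The page's regex workaround: only http(s) URLs whose host looks like a DNS name get through.
PAGE_REGEX = re.compile(r"^https?:\/\/([a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,})(:[0-9]+)?(\/.*)?$")
# Ranges an outbound fetch must never reach: RFC 1918, loopback, link-local (169.254.169.254), IPv6 equivalents.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "172.16.0.0/12",
    "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

def is_blocked_ip(text):
    ip = ipaddress.ip_address(text)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped                      # ::ffff:10.0.0.1 is really 10.0.0.1
    return any(ip in net for net in BLOCKED_NETWORKS)

def system_resolver(host):
    # Every A/AAAA answer, so a mixed record set cannot hide one private address.
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def validate_outbound_url(url, resolver=system_resolver):
    """Return (allowed, reason). The fetch must then connect to the checked address, not re-resolve."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    if not parts.hostname or parts.username is not None:
        return False, "missing host or userinfo present"
    try:
        addresses = resolver(parts.hostname)     # a literal IP resolves to itself
    except OSError:
        return False, "resolution failed"
    for addr in addresses:
        if is_blocked_ip(addr):
            return False, "resolves to blocked address " + addr
    return True, "ok"

# Constructed DNS answers so the example runs offline; these names are not real hosts.
CONSTRUCTED_DNS = {"example.com": ["93.184.216.34"],
                   "metadata.internal.example": ["169.254.169.254"],
                   "dual.example": ["203.0.113.10", "10.0.0.5"]}   # one public, one private

def constructed_resolver(host):
    try:
        return [str(ipaddress.ip_address(host))]  # literal IP, as getaddrinfo would return it
    except ValueError:
        if host not in CONSTRUCTED_DNS:
            raise socket.gaierror("constructed NXDOMAIN")
        return CONSTRUCTED_DNS[host]
```

With the default system_resolver the same function checks live DNS; pin the connection to the returned address so a second lookup cannot swap in a private one.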

Network Segmentation

Platform: linux

Restrict outbound network access from JPress server

iptables -A OUTPUT -p tcp --dport 80 -j DROP
iptables -A OUTPUT -p tcp --dport 443 -j DROP

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block SSRF patterns
  • Restrict JPress server's outbound network access to only required external services

🔍 How to Verify

Check if Vulnerable:

Check the JPress version in the admin panel or via 'grep version WEB-INF/classes/jpress.properties'

Check Version:

grep 'jpress.version' WEB-INF/classes/jpress.properties

Verify Fix Applied:

Verify version is v5.1.2 or later and test SSRF payloads return errors instead of successful requests

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from JPress server
  • Requests to internal IP addresses (10., 172.16., 192.168.)
  • Requests to cloud metadata endpoints (169.254.169.254)

Network Indicators:

  • JPress server making unexpected outbound HTTP/HTTPS requests
  • Requests to non-standard ports from web application

SIEM Query:

source="jpress.log" AND (url="*169.254.169.254*" OR url="*metadata*" OR url="*10.*" OR url="*192.168.*")
