CVE-2024-50337

5.3 MEDIUM

📋 TL;DR

Chamilo LMS versions before 1.11.28 contain an unauthenticated blind Server-Side Request Forgery (SSRF) vulnerability in the OpenId function. This allows attackers to make arbitrary HTTP requests from the vulnerable server to internal or external systems. Any Chamilo installation with the vulnerable OpenId functionality enabled is affected.

💻 Affected Systems

Products:
  • Chamilo LMS
Versions: All versions prior to 1.11.28
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires OpenId functionality to be enabled/accessible.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could scan internal networks, access internal services, exploit chained vulnerabilities, or use the server as a proxy for attacks against other systems.

🟠 Likely Case

Internal network reconnaissance, data exfiltration from internal services, or denial of service through request loops.

🟢 If Mitigated

Limited impact if network segmentation restricts server outbound connections and internal services require authentication.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SSRF vulnerabilities are commonly exploited with simple HTTP request manipulation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.11.28

Vendor Advisory: https://github.com/chamilo/chamilo-lms/security/advisories/GHSA-rp2w-g734-jf8h

Restart Required: No

Instructions:

1. Backup your Chamilo installation and database.
2. Download version 1.11.28 from the official repository.
3. Replace vulnerable files with patched versions.
4. Clear application cache if applicable.

🔧 Temporary Workarounds

Disable OpenId functionality (applies to: all)

Temporarily disable or restrict access to the vulnerable OpenId endpoint.

# Modify Chamilo configuration to disable OpenId or restrict access via .htaccess/web.config

Network egress filtering (applies to: all)

Restrict outbound HTTP/HTTPS connections from the Chamilo server to only necessary destinations.

# Configure firewall rules to limit outbound connections from Chamilo server IP

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Chamilo server from internal systems
  • Deploy web application firewall (WAF) rules to detect and block SSRF patterns

🔍 How to Verify

Check if Vulnerable:

Check if Chamilo version is below 1.11.28 and OpenId functionality is accessible.

Check Version:

Check Chamilo configuration file or admin panel for version information.

Verify Fix Applied:

Confirm installation of version 1.11.28 and test OpenId endpoint for SSRF behavior.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from Chamilo server
  • Requests to internal IP addresses or unusual domains from OpenId endpoint

Network Indicators:

  • HTTP traffic from Chamilo server to unexpected internal/external destinations

SIEM Query:

source_ip="chamilo_server" AND (dest_ip="internal_range" OR dest_port=80 OR dest_port=443) AND NOT dest_ip="allowed_destinations"
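The SIEM query above is a template; the following Python script, added here as an illustration and not part of the advisory or of Chamilo itself, implements the same detection logic over egress firewall log lines. The server address (10.0.5.20), the allowlisted destinations and the log format (`src=... dst=... dport=...`) are all assumed values for this example; the log lines themselves are constructed. It flags connections from the Chamilo server to private, loopback, link-local or CGNAT ranges (the destinations a blind SSRF typically reaches), and separately flags HTTP/HTTPS connections to any destination outside the allowlist.

```python
import ipaddress
import re
from dataclasses import dataclass

# Assumed (hypothetical) address of the Chamilo server and the destinations it
# legitimately needs to reach; replace with your own inventory.
CHAMILO_SERVER = ipaddress.ip_address("10.0.5.20")
ALLOWED_DESTINATIONS = [
    ipaddress.ip_network("10.0.5.30/32"),     # database host
    ipaddress.ip_network("203.0.113.10/32"),  # update mirror
]

# Private, loopback, link-local (cloud metadata) and CGNAT space.
INTERNAL_RANGES = [
    ipaddress.ip_network(n) for n in (
        "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
        "127.0.0.0/8", "169.254.0.0/16", "100.64.0.0/10",
    )
]

# Assumed log format: "... src=<ip> dst=<ip> dport=<port> ..."
LOG_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")


@dataclass
class Finding:
    line: str
    dst: str
    dport: int
    reason: str


def in_any(addr, networks):
    """True if addr falls inside any of the given networks."""
    return any(addr in net for net in networks)


def scan_egress_log(lines):
    """Return Findings for suspicious outbound flows from the Chamilo server."""
    findings = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # not a flow record we understand
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # malformed address, skip
        if src != CHAMILO_SERVER:
            continue  # only the LMS host is in scope
        if in_any(dst, ALLOWED_DESTINATIONS):
            continue  # known-good destination
        dport = int(m["dport"])
        if in_any(dst, INTERNAL_RANGES):
            reason = "internal/link-local destination"
        elif dport in (80, 443):
            reason = "unexpected HTTP(S) destination"
        else:
            continue  # other traffic is out of scope for this rule
        findings.append(Finding(line, str(dst), dport, reason))
    return findings


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    "2024-11-01T10:00:01Z src=10.0.5.20 dst=10.0.5.30 dport=3306 action=allow",
    "2024-11-01T10:00:02Z src=10.0.5.20 dst=203.0.113.10 dport=443 action=allow",
    "2024-11-01T10:00:03Z src=10.0.5.20 dst=169.254.169.254 dport=80 action=allow",
    "2024-11-01T10:00:04Z src=10.0.5.20 dst=10.0.5.41 dport=8080 action=allow",
    "2024-11-01T10:00:05Z src=10.0.5.20 dst=198.51.100.77 dport=443 action=allow",
    "2024-11-01T10:00:06Z src=10.0.5.20 dst=198.51.100.77 dport=53 action=allow",
    "2024-11-01T10:00:07Z src=10.0.7.9 dst=169.254.169.254 dport=80 action=allow",
    "this line is not a flow record",
]

if __name__ == "__main__":
    for f in scan_egress_log(SAMPLE_LOG):
        print(f"{f.reason}: {f.dst}:{f.dport}  <- {f.line}")
```

Run against the sample data, the script reports the metadata-service request, the connection to another internal host, and the HTTPS connection to an unlisted external address, while ignoring allowlisted flows, non-HTTP traffic to external hosts, and flows from other sources. In production the allowlist is the important part: the OpenId handler has to reach remote identity providers, so tune ALLOWED_DESTINATIONS to those rather than suppressing the internal-range rule.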
