CVE-2025-50251

9.1 CRITICAL

📋 TL;DR

This SSRF vulnerability in makeplane plane 0.23.1 allows attackers to make unauthorized requests from the server via the password recovery feature. Attackers can potentially access internal services, exfiltrate data, or perform other malicious actions. Organizations using makeplane plane 0.23.1 are affected.

💻 Affected Systems

Products:
  • makeplane plane
Versions: 0.23.1
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations with password recovery functionality enabled.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of internal network services, data exfiltration from cloud metadata services, or chaining with other vulnerabilities for full system takeover.

🟠 Likely Case

Unauthorized access to internal APIs, credential harvesting from metadata services, or scanning of internal network resources.

🟢 If Mitigated

Limited to failed SSRF attempts with proper network segmentation and input validation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit requires no authentication and is publicly available in exploit databases.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.23.2 or later

Vendor Advisory: https://github.com/makeplane/plane/releases

Restart Required: Yes

Instructions:

  1. Back up the current installation.
  2. Update to makeplane plane 0.23.2 or later.
  3. Restart the plane service.
  4. Verify the fix is applied.

🔧 Temporary Workarounds

Disable password recovery (all operating systems)

Temporarily disable the password recovery functionality until patching is complete.

Edit plane configuration to disable password recovery feature

Network segmentation (all operating systems)

Restrict outbound network access from the plane server to only necessary services.

Configure firewall rules to limit outbound connections from plane server

🧯 If You Can't Patch

  • Implement strict input validation on password recovery endpoints
  • Deploy WAF rules to block SSRF patterns in requests

🔍 How to Verify

Check if Vulnerable:

Check if makeplane plane version is 0.23.1 and password recovery is enabled.

Check Version:

plane --version or check package manager

Verify Fix Applied:

Verify version is 0.23.2 or later and test password recovery functionality with SSRF payloads.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound requests from plane server
  • Password recovery attempts with unusual URLs

Network Indicators:

  • Outbound requests to internal IPs from plane server
  • Requests to cloud metadata services

SIEM Query:

source="plane" AND (url_contains="169.254.169.254" OR url_contains="metadata")
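The network indicators above can also be checked offline against egress logs. The following is an added example, not part of the advisory or of Plane itself; the log line format, the `plane-app` host name and the sample lines are assumptions constructed for illustration. It flags outbound connections from the server to metadata, loopback, link-local and private addresses, including IPv4-mapped IPv6 forms that a plain string match on "169.254.169.254" would miss.

```python
import ipaddress
import re

# Hypothetical egress-log format (an assumption, not Plane's own log output):
#   <timestamp> src=<host> dst=<ip> port=<n>
LINE_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) port=(?P<port>\d+)$")
METADATA_IP = ipaddress.ip_address("169.254.169.254")  # address used in the SIEM query


def classify(dst):
    """Return a label when dst is a typical SSRF destination, else None."""
    try:
        ip = ipaddress.ip_address(dst)
    except ValueError:
        return "unparseable"  # surface malformed fields instead of dropping them
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it cannot hide an internal IPv4 address.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if ip == METADATA_IP:
        return "cloud-metadata"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_private:
        return "internal"
    return None


def suspicious(lines, server="plane-app"):
    """Yield (timestamp, dst, label) for flagged outbound connections from `server`."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["src"] != server:
            continue
        label = classify(m["dst"])
        if label:
            yield m["ts"], m["dst"], label


# Constructed sample lines for illustration only.
SAMPLE = [
    "2025-01-01T10:00:00Z src=plane-app dst=8.8.8.8 port=443",
    "2025-01-01T10:00:05Z src=plane-app dst=169.254.169.254 port=80",
    "2025-01-01T10:00:09Z src=plane-app dst=10.0.0.5 port=6379",
    "2025-01-01T10:00:12Z src=plane-app dst=::ffff:127.0.0.1 port=8080",
    "2025-01-01T10:00:15Z src=other-host dst=10.0.0.9 port=22",
]

if __name__ == "__main__":
    for ts, dst, label in suspicious(SAMPLE):
        print(ts, dst, label)
```

Connections to internal addresses that the server legitimately needs (database, cache) will also be flagged, so compare hits against the expected set of dependencies.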
