Home / exploitsPDF  

IpMatcher 1.0.4.1 Server-Side Request Forgery

Posted on 16 May 2022

IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors.

 

TOP