{"vulnerability": "CVE-2023-32750", "sightings": [{"uuid": "8b5daa7c-387a-4a7e-be11-8defe59aaff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32750", "type": "seen", "source": "https://t.me/cibsecurity/65081", "content": "\u203c CVE-2023-32750 \u203c\n\nPydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job \"remote-download\" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-09T00:26:13.000000Z"}, {"uuid": "73240491-613e-4380-a768-4b3b7953d223", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32750", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8419", "content": "#exploit\n1. CVE-2023-33381:\nOS command injection on MitraStar GPT-2741GNAC\nhttps://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC\n\n2. CVE-2023-32750:\nPydio Cells <=4.1.2 - Server-Side Request Forgery\nhttps://packetstormsecurity.com/files/172647", "creation_timestamp": "2023-07-05T13:11:08.000000Z"}]}