CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description: Label Studio's S3 storage integration feature contains a Server-Side Request Forgery (SSRF) vulnerability in its endpoint configuration. When creating an S3 storage connection, the application allows users to specify a custom S3 endpoint URL via the s3_endpoint parameter. This endpoint URL is passed directly to the boto3 AWS SDK without proper validation or restrictions on the protocol or destination.

The vulnerability allows an attacker to make the application send HTTP requests to arbitrary internal services by specifying them as the S3 endpoint. When the storage sync operation is triggered, the application attempts to make S3 API calls to the specified endpoint, effectively making HTTP requests to the target service and returning the response in error messages.

This SSRF vulnerability enables attackers to bypass network segmentation and access internal services that should not be accessible from the external network. The vulnerability is particularly severe because error messages from failed requests contain the full response body, allowing data exfiltration from internal services.

Steps to reproduce:
1. Create an account in Label Studio
2. Create a new project with basic configuration
3. Create an S3 storage connection with the following configuration:

    {
      "project": 1,
      "title": "Test Storage",
      "bucket": "",
      "s3_endpoint": "http://internal-web",
      "use_blob_urls": true,
      "aws_access_key_id": "test",
      "aws_secret_access_key": "test"
    }

4. Trigger a storage sy...
Source: Github Advisory Database (PIP)
February 14th, 2025 (5 months ago)
Description: DXPLOIT Defaced the Website of Aiuto-Hotel.it
Source: DarkWebInformer
February 14th, 2025 (5 months ago)
Description: A Threat Actor Claims to be Selling the Data of Mous
Source: DarkWebInformer
February 14th, 2025 (5 months ago)
Description: Banking fraud and financial crimes are growing more sophisticated every day. By understanding the threats and building strong collaborations, banks can protect themselves and their clients.
Source: Dark Reading
February 14th, 2025 (5 months ago)
Description: A Threat Actor is Claiming to Sell PlanB, A Multifunctional Software Tool for Managing PHP Shells and Backdoors
Source: DarkWebInformer
February 14th, 2025 (5 months ago)
Description: The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents in the past two months.
Source: Dark Reading
February 14th, 2025 (5 months ago)
Description: Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. [...]
Source: BleepingComputer
February 14th, 2025 (5 months ago)
Source: TheRegister
February 14th, 2025 (5 months ago)
Description: Romance-baiting losses were up 40% last year, as more and more pig-butchering efforts crop up in the wild.
Source: Dark Reading
February 14th, 2025 (5 months ago)