Exploit for #VU72689 Server-Side Request Forgery (SSRF) in Avada Builder Plugin

Exploit for #VU72689 Server-Side Request Forgery (SSRF) in Avada Builder Plugin

Published: 2023-03-01 | Updated: 2023-03-22

Vulnerability identifier: #VU72689

Vulnerability risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-1386

CWE-ID: CWE-918

Exploitation vector: Network

Exploits in database: 2

March 22, 2023
- fubucker (Automatic Mass Tool for checking vulnerability in CVE-2022-1386 - Fusion Builder < 3.6.2 - Unauthenticated SSRF) [Github]
March 1, 2023
- CVE-2022-1386 () [Github]

Impact: Information disclosure

Vulnerable software:
Avada Builder Plugin
Web applications / Modules and components for CMS

Vendor: