CyberSec.Space Logo
Back to CVE Browser

CVE-2019-13020

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0160%
EPSS Percentile18.59th
PublishedAug 26, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse. First, a specially crafted URL could be used in a phishing attack to hijack the trust the user and the browser have with the website and could serve malicious content from a third-party attacker-controlled system. Second, arguably more severe, is the potential for an attacker to circumvent firewall controls, by proxying traffic, unauthenticated, into the internal network from the internet.

Affected Platforms (CPE)

📦
Trms

Tightrope Media Carousel

< 7.1.3

References & Advisories

🔗 https://www.carouselsignage.com/release-notes/carousel-7-1-3
🔗 https://www.carouselsignage.com/release-notes/carousel-7-1-3

Related Vulnerabilities

CVE-2018-189298.8

The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a default local administrator username a...

CVE-2018-189308.8

The Tightrope Media Carousel digital signage product 7.0.4.104 contains an arbitrary file upload vulnerability in the Manage Bulle...

CVE-2018-189318.8

An issue was discovered in the Tightrope Media Carousel digital signage product 7.0.4.104. Due to insecure default permissions on ...

CVE-2018-145735.5

A Local File Inclusion (LFI) vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3....