Server-side Request Forgery

When an application allows or is obligated to make requests to the internal network of the server, and can be tricked to make unauthorized requests, allowing the enumeration of internal network services. This could lead to:

• Internal Network Scanning: Abuses SSRF to perform reconnaissance on internal services or private IP ranges

• Accessing Metadata Services: Exploits SSRF to access cloud metadata services (e.g., AWS, GCP), potentially exposing sensitive credentials or configurations

• HTTP Header Manipulation: Combines SSRF with header injection to manipulate backend behavior, such as bypassing authentication or redirecting traffic

• File Exfiltration: Uses SSRF to trick the server into fetching and exposing sensitive files

• Service Exploitation: Targets vulnerable internal services accessible via SSRF to execute unauthorized commands