Reputation: 3157
One of the recent scans on my project came up with an SSRF vulnerability.
Here is the message:
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Many different options exist to fix this issue depending on the use case (Application can send request only to identified and trusted applications, Application can send requests to ANY external IP address or domain name).
The WebRequest.Create line of code is causing the error.
Here is the code:
using System;
using System.Net;

public static HttpWebRequest WebRequestStringToUri(Uri metadataAddress)
{
    if (metadataAddress == null)
    {
        throw new ArgumentNullException(nameof(metadataAddress));
    }
    // Line flagged by the scanner: the destination is whatever the caller supplied, unchecked
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(metadataAddress.ToString());
    return request;
}
Here is some part of the scan report:
"$X": {
    "abstract_content": "metadataAddress",
},
"severity": "ERROR",
"validation_state": "NO_VALIDATOR"
},
I have been testing my code on the following link but I am not able to figure out the solution. I have tried passing metadataAddress as a string, but still no luck.
// Same pattern with a string parameter: the scanner still reports it, because the host is still caller-controlled
public WebRequest WebRequestStringToUri(string metaDataAddress)
{
    Uri uri = new Uri(metaDataAddress);
    WebRequest webRequest = WebRequest.Create(uri);
    return webRequest;
}
https://semgrep.dev/r?q=csharp.lang.security.ssrf.web-request.ssrf
Note: Requests can go to any host on the internet.
Upvotes: 1
Views: 1248
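The finding is about the destination being caller-controlled, not about the parameter type. The usual fix for the "only identified and trusted applications" case is an allow-list check before WebRequest.Create is reached. The following is an added example (not the asker's code or the Semgrep rule's code); the host names in TrustedHosts are placeholders, and the check is a policy this example assumes, not something the scanner prescribes.

```csharp
using System;
using System.Collections.Generic;
using System.Net;

public static class MetadataClient
{
    // Constructed allow-list: the only hosts this component is meant to contact.
    // Both names are placeholders for this example, not real endpoints.
    private static readonly HashSet<string> TrustedHosts =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "login.example.com",
            "sts.internal.example.com"
        };

    // Pure policy check, kept separate from the network call so it can be unit-tested.
    public static bool IsAllowedMetadataAddress(Uri address)
    {
        if (address == null || !address.IsAbsoluteUri) return false;
        if (address.Scheme != Uri.UriSchemeHttps) return false;        // no http://, file://, ftp://
        if (address.HostNameType != UriHostNameType.Dns) return false; // reject raw IP literals
        if (!string.IsNullOrEmpty(address.UserInfo)) return false;     // reject user@host forms
        return TrustedHosts.Contains(address.Host);                    // exact host match only
    }

    public static HttpWebRequest CreateMetadataRequest(Uri metadataAddress)
    {
        if (!IsAllowedMetadataAddress(metadataAddress))
            throw new ArgumentException("metadata address is not an approved endpoint", nameof(metadataAddress));

        var request = (HttpWebRequest)WebRequest.Create(metadataAddress);
        request.AllowAutoRedirect = false; // a trusted host must not be able to redirect us elsewhere
        request.Timeout = 5000;
        return request;
    }

    public static void Main()
    {
        // Constructed sample inputs; only the policy check runs, no request is sent.
        string[] samples =
        {
            "https://login.example.com/.well-known/openid-configuration",
            "https://10.0.0.5/internal/",
            "http://login.example.com/.well-known/openid-configuration",
            "https://user@login.example.com/",
            "https://other.example.net/"
        };
        foreach (var s in samples)
        {
            Uri.TryCreate(s, UriKind.Absolute, out Uri u);
            Console.WriteLine($"{IsAllowedMetadataAddress(u),-5} {s}");
        }
    }
}
```

Only the first sample passes; the scanner's "NO_VALIDATOR" state reflects that it cannot see such a check, so the rule may still need to be reviewed and marked as a false positive once the allow-list is in place.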