pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, PyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery (SSRF) attacks. An authenticated attacker can exploit this to access internal network services and exfiltrate cloud provider metadata. On DigitalOcean droplets, this exposes sensitive infrastructure data including droplet ID, network configuration, region, authentication keys, and SSH keys configured in user-data/cloud-init. Version 0.5.0b3.dev97 contains a patch.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XPyload
APPPyload0.5.0
Related vulnerabilities
RCE w pyLoad przez zapis pliku wykonywalnego do folderu /scripts
pyload: RCE przez upload złośliwego szablonu przez uwierzytelnionego użytkownika
Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41.
Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.
pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev9...