CVE-2023-7080

HIGH · EPSS 43.5%
Published Dec 29, 2023 · Modified Jun 17, 2026
8.0 · CVSS 3.1 · High

Description

The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and run arbitrary code. Additionally, the inspector server did not validate Origin/Host headers, granting an attacker that can trick any user on the local network into opening a malicious website the ability to run code. If wrangler dev --remote was being used, an attacker could access production resources if they were bound to the worker. This issue was fixed in wrangler@3.19.0 and wrangler@2.20.2. Whilst wrangler dev's inspector server listens on local interfaces by default as of wrangler@3.16.0, an SSRF vulnerability in miniflare (https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-fwvg-2739-22v7, CVE-2023-7078) allowed access from the local network until wrangler@3.18.0. wrangler@3.19.0 and wrangler@2.20.2 introduced validation for the Origin/Host headers.
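The two controls the description names, a loopback-only bind and Origin/Host validation, as an added Node.js illustration; this is not wrangler's own code (that is in the linked PRs), and the function names, the loopback allowlist and the port are assumptions made here:

```javascript
// Hostnames a local debugger may use to reach the inspector; any other Host or
// Origin means a LAN address, a DNS-rebinding name or a foreign web page.
const ALLOWED_HOSTS = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Hostname of a Host header value, without the port; an IPv6 literal keeps its
// brackets ("[::1]:9229" -> "[::1]").
function hostnameOf(hostHeader) {
  const h = hostHeader.trim().toLowerCase();
  if (h.startsWith("[")) {
    const end = h.indexOf("]");
    return end === -1 ? null : h.slice(0, end + 1);
  }
  return h.split(":")[0];
}

// Accept a request only if Host and (when present) Origin are both loopback
// names. `headers` is shaped like Node's IncomingMessage.headers (lower-case
// keys). CLI debuggers send no Origin, so its absence is fine; browsers always
// send one for cross-site fetches and WebSocket upgrades, so it is checked.
function isAllowedInspectorRequest(headers) {
  const host = headers["host"];
  if (typeof host !== "string" || !ALLOWED_HOSTS.has(hostnameOf(host))) {
    return false;
  }
  const origin = headers["origin"];
  if (origin === undefined) return true;
  let url;
  try {
    url = new URL(origin); // throws on "null" (opaque origin) and on garbage
  } catch {
    return false;
  }
  return ALLOWED_HOSTS.has(url.hostname);
}

// Inspector endpoint bound to loopback only (the vulnerable versions bound the
// equivalent of 0.0.0.0) with the header check in front of every request.
function startInspectorServer(port = 9229) {
  const { createServer } = require("node:http"); // loaded here so the checks above stay dependency-free
  const server = createServer((req, res) => {
    if (!isAllowedInspectorRequest(req.headers)) {
      res.writeHead(403, { "content-type": "text/plain" }).end("forbidden: unexpected Host or Origin\n");
      return;
    }
    res.writeHead(200, { "content-type": "text/plain" }).end("inspector endpoint\n");
  });
  server.listen(port, "127.0.0.1");
  return server;
}
```

Calling startInspectorServer() binds only 127.0.0.1, so a host on the same network cannot reach the port at all, and the header check still rejects a browser page that reaches it through a rebinding hostname.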

CVSS Details

Base Score
8.0
Exploitability
2.1
Impact
5.9
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
43.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-269 Improper Privilege Management (Authorization)

Affected Products 2

Vendor      Product   Version   Range
cloudflare  wrangler  *         ≥2.0.0, <2.20.2
cloudflare  wrangler  *         ≥3.0.0, <3.19.0

References 5

  • github.com https://github.com/cloudflare/workers-sdk/issues/4430
    Issue Tracking, Patch
  • github.com https://github.com/cloudflare/workers-sdk/pull/4437
    Patch
  • github.com https://github.com/cloudflare/workers-sdk/pull/4535
    Patch
  • github.com https://github.com/cloudflare/workers-sdk/pull/4550
    Patch
  • github.com https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-f8mp-x433-5wpf
    Mitigation, Patch, Third Party Advisory