CVE-2026-4907
Server-Side Request Forgery in Page-Replica Endpoint Component

Publication date: 2026-03-27

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted element is the function sitemap.fetch of the file /sitemap in the Endpoint component. Manipulation of the argument url leads to server-side request forgery. The attack can be carried out remotely. An exploit is publicly available and might be used. The product follows a rolling-release strategy to maintain continuous delivery, so version details for affected or updated releases cannot be specified. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-03-27
EPSS evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-4907 is a Server-Side Request Forgery (SSRF) vulnerability in the Page Replica project, specifically in the sitemap fetching functionality. The issue arises because the application uses the user-supplied URL parameter without any validation or sanitization, allowing an attacker to make the server perform HTTP requests to arbitrary destinations.

This means an attacker can trick the server into sending requests to internal network services, cloud metadata endpoints, or external systems, potentially accessing sensitive information or performing unauthorized actions.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows an attacker to perform server-side request forgery (SSRF), potentially accessing internal network services, sensitive cloud metadata, and privileged internal APIs. This unauthorized access and potential exposure of sensitive information could lead to violations of data protection regulations such as GDPR and HIPAA, which require strict controls over access to personal and sensitive data.

By enabling attackers to exploit the server as a proxy and access internal resources, the vulnerability increases the risk of data breaches and unauthorized data disclosure, which are critical compliance concerns under these standards.


How can this vulnerability impact me?

The vulnerability can lead to unauthorized access to internal network services and sensitive cloud metadata, which are normally protected from external access.

  • Exposure of internal network services such as localhost or private IP ranges.
  • Access to cloud instance metadata services that may contain sensitive credentials or configuration.
  • Internal network reconnaissance by scanning or interacting with privileged internal APIs.
  • Abuse of the server as a proxy to scan or attack external systems.

How can this vulnerability be detected on my network or system? Can you suggest some commands?

CVE-2026-4907 is a Server-Side Request Forgery (SSRF) vulnerability in the sitemap fetching endpoint of the Page Replica project. Detection involves monitoring for unusual outbound HTTP requests originating from the server, especially those targeting internal IP ranges (e.g., 127.0.0.1, 10.0.0.0/8, 192.168.0.0/16) or cloud metadata services (e.g., 169.254.169.254).

You can detect exploitation attempts by inspecting server logs for requests to the sitemap endpoint that include suspicious or unexpected URL parameters.

Suggested commands to help detect this vulnerability include:

  • Use network monitoring tools like tcpdump or Wireshark to capture outbound HTTP requests from the server: tcpdump -i eth0 'tcp port 80 or tcp port 443'
  • Search web server access logs for requests to the sitemap endpoint with URL parameters: grep '/sitemap' /var/log/nginx/access.log | grep 'url='
  • Use curl or similar tools to test the sitemap endpoint with crafted URLs to see if the server makes outbound requests: curl 'http://yourserver/sitemap?url=http://169.254.169.254/latest/meta-data/'
  • Check for unexpected outbound connections to internal or cloud metadata IPs using netstat or ss: netstat -tnp | grep ESTABLISHED

What immediate steps should I take to mitigate this vulnerability?

To mitigate CVE-2026-4907, immediate steps include implementing strict validation and sanitization of the user-supplied URL parameter in the sitemap fetching endpoint to prevent arbitrary URLs from being requested.

Additional mitigation measures include:

  • Implement an allowlist of permitted domains or IP ranges for URLs that the server can fetch.
  • Block outbound HTTP requests to internal IP ranges and cloud metadata IP addresses at the network firewall or server level.
  • Monitor and restrict server outbound traffic to prevent abuse as a proxy.
  • Apply any available patches or updates from the Page Replica project once released.
  • If patching is not immediately possible, consider disabling or restricting access to the vulnerable sitemap fetching endpoint.
