CVE-2026-11437 | perfree go-fastdfs-web up to 1.3.7 Installation Endpoint /install/checkServer server-side request forgery

A vulnerability was found in perfree go-fastdfs-web up to 1.3.7 and classified as critical. Affected is the function checkServer of the file /install/checkServer of the component Installation Endpoint. Executing a manipulation can lead to server-side request forgery.

This vulnerability is handled as CVE-2026-11437. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More