Last updated: May 1, 2026
Server-Side Request Forgery (SSRF) is a vulnerability where an attacker tricks a server into making requests (usually HTTP, but other URL schemes too) on their behalf, so the request carries the server's network position and credentials rather than the attacker's. In a cloud environment, SSRF frequently escalates from “interesting” to “full account compromise” via metadata service abuse.
The core vulnerability
An application takes a URL parameter, fetches it, and returns the response. Classic examples: “Enter the URL of your avatar image” or “Import this RSS feed”. The attacker submits a URL pointing to internal infrastructure, and the server, which can reach hosts the attacker cannot, happily fetches it and hands back the result.
# Vulnerable endpoint (abstractly)
GET /api/fetch?url=https://example.com/rss.xml
# Attacker exploits:
GET /api/fetch?url=http://169.254.169.254/latest/meta-data/ (AWS metadata)
GET /api/fetch?url=file:///etc/passwd (LFI via SSRF)
GET /api/fetch?url=http://internal-db:5432/ (port scan internal)
GET /api/fetch?url=http://localhost:6379/set%20hacked (Redis via HTTP)
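The defensive counterpart to the endpoint above is an allow-list check on the user-supplied URL before anything is fetched. The following is an added example, not code from the original page: it restricts scheme and port, resolves the hostname and rejects any answer that is not a globally routable address (loopback, link-local including 169.254.169.254, RFC 1918, IPv4-mapped IPv6 wrappers), and returns the IP it validated so the caller can pin the connection to it. The resolver is injectable; the FAKE_DNS table and the host names in it are constructed for the offline demo, and the function and class names are the example's own.

```python
"""SSRF guard for a /api/fetch?url=... style endpoint (added example).

The resolver is injectable so the check can be exercised offline; production
code uses system_resolver, which goes through socket.getaddrinfo.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}   # blocks file://, gopher://, dict://, ...
ALLOWED_PORTS = {80, 443}             # stops probing 5432, 6379, etc.


class UnsafeURL(ValueError):
    """Raised when a URL must not be fetched on the user's behalf."""


def system_resolver(hostname):
    """Return every A/AAAA address for hostname. getaddrinfo also canonicalises
    odd spellings such as decimal (2130706433) or hex (0x7f000001) IPv4."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def is_public_address(ip):
    """True only for globally routable unicast addresses. Unwraps IPv4-mapped
    IPv6 (::ffff:a.b.c.d) first so it cannot smuggle an internal IPv4."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (ip.is_global and not ip.is_multicast
            and not ip.is_reserved and not ip.is_unspecified)


def validate_fetch_url(url, resolve=system_resolver):
    """Return (url, pinned_ip) when safe, else raise UnsafeURL.

    Connect to pinned_ip (with the original Host header) rather than resolving
    again, so a DNS answer that changes between check and fetch cannot swap in
    an internal host.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise UnsafeURL(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise UnsafeURL("missing host")
    if parts.username or parts.password:
        raise UnsafeURL("credentials in URL are not allowed")  # user@host tricks
    try:
        port = parts.port or (443 if parts.scheme.lower() == "https" else 80)
    except ValueError as exc:
        raise UnsafeURL("malformed port") from exc
    if port not in ALLOWED_PORTS:
        raise UnsafeURL(f"port not allowed: {port}")
    try:
        addrs = [ipaddress.ip_address(host)]          # literal IP in the URL
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    if not addrs:
        raise UnsafeURL(f"{host} does not resolve")
    for ip in addrs:                                   # every answer must pass
        if not is_public_address(ip):
            raise UnsafeURL(f"{host} resolves to non-public address {ip}")
    return url, str(addrs[0])


def is_fetchable(url, resolve=system_resolver):
    """Boolean form of validate_fetch_url, convenient for logging and tests."""
    try:
        validate_fetch_url(url, resolve)
        return True
    except UnsafeURL:
        return False


# Constructed DNS answers for the offline demo (hypothetical hosts).
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "internal-db": ["10.0.0.12"],
    "localhost": ["127.0.0.1", "::1"],
    "rebind.test": ["93.184.216.34", "127.0.0.1"],  # one public, one internal
}


def fake_resolver(host):
    """Offline stand-in for system_resolver."""
    return FAKE_DNS.get(host, [])


if __name__ == "__main__":
    for candidate in [
        "https://example.com/rss.xml",
        "http://169.254.169.254/latest/meta-data/",
        "file:///etc/passwd",
        "http://internal-db:5432/",
        "http://localhost:6379/set%20hacked",
        "http://rebind.test/",
    ]:
        verdict = "allow" if is_fetchable(candidate, fake_resolver) else "block"
        print(f"{verdict:5} {candidate}")
```

Two caveats when wiring this into a real fetch: disable automatic redirect following (a public host can 302 to the metadata address, so each Location header must go through the same check), and treat the pinned IP as the connection target, since the validated hostname may resolve differently a moment later.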
Custom team training + practitioner advisory
Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.