CVE-2022-38580

CVE-2022-38580
Description: Zalando Skipper is vulnerable to Universal SSRF [Server-Side Request Forgery]
Vulnerable version(s): <= v0.13.236
GitHub: https://github.com/zalando/skipper
Patch: https://github.com/zalando/skipper/releases/tag/v0.13.237
Vulnerable Code: https://github.com/zalando/skipper/pull/2058/commits/36bd409ea926de60f3822b6ea5c07bcfd4d8d9cb
Discoverer: Milad Fadavvi, Hossein Vita
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Impact Escalation of Privileges: True
Impact Information Disclosure: True

✅ Leaked Exploit Documentation:

https://docs.google.com/document/d/1S1iTruSLkgEPO8QtTuo2twS4f2FoJ3_l0-p4GKqeAUY/edit?usp=sharing

This made me $13,000 in 2 days.

Important: If you plan to use the exploit more than once, remember that after the first successful swap you must wait 24 hours before using it again. Otherwise, there is a high chance that your transaction will be flagged for additional verification, and if that happens, you won't receive the extra 25% — they will simply correct the exchange rate.
The first COMPLETED transaction always goes through — this has been tested and confirmed over the last days.

Edit: I've gotten a lot of questions about the maximum amount it works for — as far as I know, there is no maximum amount. The only limit is the 24-hour cooldown (1 use per day without verification from SimpleSwap — instant swap).