CVE-2023-7080 [High] | Privilege Escalation in Wrangler

The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and run arbitrary code. Additionally, the inspector server did not validate Origin/Host headers, granting an attacker that can trick any user on the local network into opening a malicious website the ability to run code. If wrangler dev --remote was being used, an attacker could access production resources if they were bound to the worker. This issue was fixed in [email protected] and [email protected]. Whilst wrangler dev's inspector server listens on local interfaces by default as of [email protected], an SSRF vulnerability in miniflare https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-fwvg-2739-22v7 (CVE-2023-7078) allowed access from the local network until [email protected]. [email protected] and [email protected] introduced validation for the Origin/Host headers.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-11-21	0.12%	0.04%	-0.08%
2	2025-11-18	0.04%	0.12%	+0.08%
3	2025-04-15	—	0.04%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2025-11-21

0.12%

0.04%

-0.08%

2025-11-18

0.04%

0.12%

+0.08%

2025-04-15

—

0.04%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
8.5	3.1	HIGH	`CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N` Click to expand Attack vector (AV:A) Attacker has to be nearby on the network—same office, same link, that vibe—not the whole wide internet. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:N) No account or special rights needed—anonymous or random user is enough. User interaction (UI:R) A real person has to do something—click, install, enable—otherwise it doesn’t land. Scope (S:C) Breaking this can reach past the original component and bite other resources—bigger blast radius. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:N) Service keeps running; no real outage angle.	2.1	5.8	[email protected]
8.0	3.1	HIGH	`CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H` Click to expand Attack vector (AV:A) Attacker has to be nearby on the network—same office, same link, that vibe—not the whole wide internet. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:N) No account or special rights needed—anonymous or random user is enough. User interaction (UI:R) A real person has to do something—click, install, enable—otherwise it doesn’t land. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	2.1	5.9	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

8.5

3.1

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Click to expand

Attack vector (AV:A): Attacker has to be nearby on the network—same office, same link, that vibe—not the whole wide internet.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N): No account or special rights needed—anonymous or random user is enough.
User interaction (UI:R): A real person has to do something—click, install, enable—otherwise it doesn’t land.
Scope (S:C): Breaking this can reach past the original component and bite other resources—bigger blast radius.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:H): They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:N): Service keeps running; no real outage angle.

2.1

5.8

[email protected]

8.0

3.1

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Click to expand

Attack vector (AV:A): Attacker has to be nearby on the network—same office, same link, that vibe—not the whole wide internet.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N): No account or special rights needed—anonymous or random user is enough.
User interaction (UI:R): A real person has to do something—click, install, enable—otherwise it doesn’t land.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:H): They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

2.1

5.9

[email protected]

Affected software / configurations for CVE-2023-7080

Vendor	Product	Version	Raw CPE
cloudflare	wrangler	>= 2.0.0, < 2.20.2	cpe:2.3:a:cloudflare:wrangler::::::node.js::*
cloudflare	wrangler	>= 3.0.0, < 3.19.0	cpe:2.3:a:cloudflare:wrangler::::::node.js::*

References for CVE-2023-7080

URL	Tags
https://github.com/cloudflare/workers-sdk/issues/4430	Issue Tracking Patch
https://github.com/cloudflare/workers-sdk/pull/4437	Patch
https://github.com/cloudflare/workers-sdk/pull/4535	Patch
https://github.com/cloudflare/workers-sdk/pull/4550	Patch
https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-f8mp-x433-5wpf	Mitigation Patch Third Party Advisory

URL

CVE-2023-7080 | Arbitrary remote code execution within wrangler dev Workers sandbox

Exploit prediction scoring system (EPSS) score for CVE-2023-7080

Common vulnerability scoring system (CVSS) metrics for CVE-2023-7080

Weakness enumeration for CVE-2023-7080

GitHub Security Advisory for CVE-2023-7080

Affected software / configurations for CVE-2023-7080

References for CVE-2023-7080