CVE-2025-55150 Scanner - Server-Side Request Forgery (SSRF) vulnerability in Stirling-PDF
Short Info
Level
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 1 minute
Time Interval: 19 days 9 hours
Scan only one: Domain, Subdomain, IPv4
Stirling-PDF is used by developers and IT professionals who need to convert HTML documents to PDF for various applications. The software integrates into web-based systems for easy document processing. Businesses and educational institutions commonly use it for generating printable documents from web content. Stirling-PDF can be deployed on internal servers to secure the document conversion processes. It is also utilized in cloud environments for its scalability and efficiency. This software is crucial for industries requiring document standardization.
Server-Side Request Forgery (SSRF) is a vulnerability that enables attackers to manipulate server requests. This flaw lets attackers send crafted requests to internal services, potentially bypassing security controls. It poses a risk of exposing sensitive information stored within the affected system. SSRF can be used to conduct additional attacks, including privilege escalation. This vulnerability arises when user input is insufficiently sanitized and validated. Attackers often require local access to exploit SSRF successfully.
The vulnerability in Stirling-PDF is exposed through the /api/v1/convert/html/pdf endpoint. It is triggered by inadequate sanitization of the HTML content submitted for PDF conversion. Attackers can insert malicious HTML into the conversion request to trigger unauthorized internal requests. The vulnerable parameter is the 'fileInput' form-data part, where the malicious content is submitted. Successful exploitation allows server-side requests to arbitrary network resources. By submitting a crafted document for conversion, attackers can manipulate server behavior to access restricted data.
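A pre-conversion check of the kind the sanitization gap above calls for, as an added example that is not Stirling-PDF's code or the scanner's: it lists the URLs an HTML document would make a renderer load and rejects anything that is not absolute http(s) to a public address. The attribute list, function names and sample document are assumptions made for illustration, and DNS names are not resolved here.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes that make a renderer fetch something (assumed list, not exhaustive).
FETCH_ATTRS = {"src", "href", "data", "poster", "background", "action"}
CSS_URL = re.compile(r"url\(\s*['\"]?([^'\")\s]+)", re.I)

class FetchCollector(HTMLParser):
    """Collects attribute values the document would ask a renderer to load."""
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and name in FETCH_ATTRS and not (tag == "a" and name == "href"):
                self.urls.append(value.strip())

def classify(url):
    """Return None if the target is acceptable, else the reason to reject it."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
    except ValueError:
        return "malformed"
    if parts.scheme.lower() not in ("http", "https"):
        return "scheme:" + (parts.scheme.lower() or "none")
    if host == "localhost" or host.endswith(".localhost"):
        return "internal-host"
    try:
        return None if ipaddress.ip_address(host).is_global else "internal-address"
    except ValueError:
        return None  # a DNS name: still needs a check at resolution time

def audit_html(html):
    """Return {url: reason} for every fetch target that should block conversion."""
    collector = FetchCollector()
    collector.feed(html)
    collector.close()
    urls = collector.urls + CSS_URL.findall(html)  # url(...) in <style> and style=""
    return {u: r for u in urls if (r := classify(u))}

# Constructed sample document, not taken from any real request.
SAMPLE = """<html><head><style>body{background:url(http://10.0.0.5/bg.png)}</style></head>
<body><img src="https://cdn.example.com/logo.png">
<img src="http://169.254.169.254/">
<iframe src="file:///tmp/report.txt"></iframe>
<link rel="stylesheet" href="http://localhost:8080/internal.css"></body></html>"""
```

A non-empty result from audit_html(SAMPLE) is the signal to refuse the conversion; egress filtering on the converter host is still needed because names can resolve to internal addresses.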
If exploited, the SSRF vulnerability can significantly impact affected systems. Attackers can access internal network services or sensitive endpoints not publicly accessible. This may lead to data breaches or exposure of confidential information. Additionally, the flaw might pave the way for further attacks, such as executing unauthorized commands on the server. It can also result in Denial of Service (DoS) if internal services become overwhelmed due to unauthorized requests. Damage to organizational reputation and financial losses due to regulatory penalties may follow.