Platform: other
Component: stirling-pdf
Fixed in: 1.1.1
CVE-2025-55151 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in Stirling-PDF, a locally hosted web application for PDF manipulation. This flaw allows attackers to potentially access internal resources during the file conversion process. The vulnerability impacts versions of Stirling-PDF prior to 1.1.0, and a patch has been released in version 1.1.0.
The SSRF vulnerability in Stirling-PDF arises from the use of LibreOffice's unoconvert tool during the "convert file to pdf" functionality. An attacker can craft malicious input that causes unoconvert to make requests to unintended internal or external URLs. This could lead to unauthorized access to sensitive data residing on internal servers, exfiltration of confidential information, or even potential denial-of-service if the attacker can trigger resource-intensive requests. The blast radius extends to any internal services accessible from the Stirling-PDF server, making this a significant risk for environments with complex internal architectures.
CVE-2025-55151 was publicly disclosed on 2025-08-11. No public proof-of-concept (PoC) code has been released at the time of writing. The vulnerability is not currently listed on the CISA KEV catalog. The SSRF nature of the vulnerability suggests a moderate risk of exploitation, particularly in environments with exposed internal services.
Organizations running Stirling-PDF versions prior to 1.1.0, especially those with complex internal networks or exposed internal services, are at risk. Shared hosting environments where Stirling-PDF is deployed alongside other applications could also be vulnerable if the attacker can leverage the SSRF to access other services on the same host.
• linux / server: Monitor Stirling-PDF server logs for unusual outbound HTTP requests, particularly those targeting internal IP addresses or sensitive endpoints. Use journalctl -u stirling-pdf to filter for relevant log entries.
journalctl -u stirling-pdf | grep -i "unoconvert" | grep -i "internal_ip_address"
• generic web: Use curl or wget to test the /api/v1/convert/file/pdf endpoint with URLs pointing to internal resources. Check response headers for signs of SSRF exploitation.
curl -v --head 'http://<stirling-pdf-server>/api/v1/convert/file/pdf?url=http://192.168.1.100/sensitive_data'
Exploit status
EPSS: 0.06% (20th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-55151 is to upgrade Stirling-PDF to version 1.1.0 or later, which contains the fix. If immediate upgrading is not possible, consider implementing a Web Application Firewall (WAF) or proxy to filter outbound requests from the Stirling-PDF server, specifically blocking requests to internal IP ranges or known sensitive endpoints. Restrict network access to the Stirling-PDF server to only necessary services. Review and harden the configuration of unoconvert itself, if possible, to limit its ability to make external requests. After upgrade, confirm the fix by attempting a conversion with a URL pointing to an internal resource; the conversion should fail with an appropriate error message.
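The following is an added example written for this advisory; it is not Stirling-PDF, unoserver or LibreOffice code. It implements the two defender-side checks the text describes: the egress policy that refuses conversion fetches aimed at internal IP ranges (the proxy-based mitigation above), and the log review from the detection section, run over a few journal lines constructed for the example. The log line format, the hostname pdfhost and the "unoconvert fetching" wording are assumptions; the real lines Stirling-PDF and unoconvert emit on a given host must be checked before the regular expression is reused.

```python
# Added example for this advisory page; not Stirling-PDF, unoserver or
# LibreOffice code. Two defender-side checks:
#   1. classify_target(): an egress policy that refuses conversion fetches
#      aimed at non-routable address space (the "block requests to internal
#      IP ranges" mitigation), and
#   2. flag_suspicious_fetches(): a scan over journal lines that surfaces
#      conversions which reached for such targets (the log-monitoring step).
# The journal line format below is constructed for the example.
import ipaddress
import re
from urllib.parse import urlparse

ALLOWED_SCHEMES = ("http", "https")


def classify_target(url: str) -> str:
    """Classify the host a conversion would fetch from.

    Returns "blocked" for non-HTTP schemes and for any literal IP that is not
    globally routable (RFC 1918, loopback, link-local, unspecified, ...),
    "allowed" for a literal public IP, and "unresolved" for a hostname, which
    an egress proxy must resolve and re-check per A/AAAA record before use.
    """
    parsed = urlparse(url)
    if parsed.scheme not in ALLOWED_SCHEMES or parsed.hostname is None:
        return "blocked"
    try:
        addr = ipaddress.ip_address(parsed.hostname)
    except ValueError:
        return "unresolved"
    # An IPv4-mapped IPv6 literal (::ffff:10.0.0.5) is still an RFC 1918 target.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return "allowed" if addr.is_global else "blocked"


# Constructed sample journal lines (format assumed for this example).
SAMPLE_JOURNAL = """\
Aug 12 10:01:03 pdfhost stirling-pdf[1201]: convert: unoconvert fetching http://192.168.1.100/sensitive_data
Aug 12 10:01:09 pdfhost stirling-pdf[1201]: convert: unoconvert fetching https://93.184.216.34/report.docx
Aug 12 10:02:44 pdfhost stirling-pdf[1201]: convert: unoconvert fetching http://169.254.169.254/
Aug 12 10:03:10 pdfhost stirling-pdf[1201]: convert: unoconvert fetching http://[::ffff:10.0.0.5]/admin
Aug 12 10:03:12 pdfhost stirling-pdf[1201]: convert: unoconvert fetching http://intranet.corp/share
Aug 12 10:04:00 pdfhost stirling-pdf[1201]: convert: finished job 42
"""

# Assumed wording of the fetch line; adjust to the real log format.
FETCH_RE = re.compile(r"unoconvert fetching (\S+)")


def flag_suspicious_fetches(journal_text: str) -> list[tuple[str, str]]:
    """Return (url, verdict) for every fetch an egress policy would not simply
    allow: internal literals are "blocked"; hostnames are "unresolved" because
    a name can still resolve into internal space and needs a second look."""
    findings = []
    for line in journal_text.splitlines():
        match = FETCH_RE.search(line)
        if match is None:
            continue
        url = match.group(1)
        verdict = classify_target(url)
        if verdict != "allowed":
            findings.append((url, verdict))
    return findings


if __name__ == "__main__":
    for url, verdict in flag_suspicious_fetches(SAMPLE_JOURNAL):
        print(f"{verdict:10s} {url}")
```

The scanner deliberately does not resolve hostnames: a log review should not generate live DNS traffic, and at the proxy the correct place for that lookup is immediately before the connection, checking every returned record and connecting to the address that was checked, so that a name cannot pass review and then resolve differently at fetch time.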
Update Stirling-PDF to version 1.1.0 or later. This version fixes the SSRF vulnerability in the PDF file conversion functionality. The update can be performed by downloading the new version from the official website or by using the application's built-in update mechanism.
CVE-2025-55151 is a Server-Side Request Forgery (SSRF) vulnerability in Stirling-PDF versions before 1.1.0, allowing attackers to potentially access internal resources during PDF conversion.
You are affected if you are using Stirling-PDF version 1.1.0 or earlier. Upgrade to version 1.1.0 to mitigate the vulnerability.
Upgrade Stirling-PDF to version 1.1.0. As a temporary workaround, implement a WAF or proxy to filter outbound requests.
There is no confirmed active exploitation of CVE-2025-55151 at this time, but the SSRF nature of the vulnerability suggests a potential risk.
Refer to the Stirling-PDF project's official website or repository for the latest security advisories and updates.