Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1540

1540 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CWE-918, Server-Side Request Forgery, is a critical web security weakness where an application allows users to specify URLs that the server subsequently fetches without adequate validation. Attackers typically exploit this by manipulating input parameters to force the server to access internal resources, such as cloud metadata services or local network endpoints, which are otherwise inaccessible from the outside. This bypasses perimeter defenses, potentially leading to sensitive data exposure or internal network reconnaissance. To mitigate SSRF, developers must implement strict input validation, ensuring that only whitelisted domains and protocols are permitted. Additionally, employing network-level controls like firewalls to restrict outbound connections from the application server and isolating internal services from public-facing interfaces significantly reduces the attack surface, preventing unauthorized internal access.

MITRE CWE Description
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Common Consequences (3)
ConfidentialityRead Application Data
IntegrityExecute Unauthorized Code or Commands
Access ControlBypass Protection Mechanism
By providing URLs to unexpected hosts or ports, attackers can make it appear that the server is sending the request, possibly bypassing access controls such as firewalls that prevent the attackers from accessing the URLs directly. The server can be used as a proxy to conduct port scanning of hosts i…
Examples (1)
This code intends to receive a URL from a user, access the URL, and return the results to the user.
$url = $_GET['url']; # User-controlled input # Fetch the content of the provided URL $response = file_get_contents($url); echo $response;
Bad · PHP
# Define allowed URLs (or domains) $allowed_urls = [ 'https://example.com/data.json', 'https://api.example.com/info', ]; # Get the user-provided URL $url = $_GET['url'] ?? ''; # Validate against allowed URLs if (!in_array($url, $allowed_urls)) { http_response_code(400); echo "Invalid or unauthorized URL."; exit; } # Fetch content safely $response = @file_get_contents($url); if ($response === false) { http_response_code(500); echo "Failed to fetch content."; exit; } echo htmlspecialchars($response); # Escape output for safety
Good · PHP
CVE IDTitleCVSSSeverityPublished
CVE-2025-11286 samanhappy MCPHub MCPRouter Service serverController.ts server-side request forgery — MCPHub 4.7 Medium2025-10-05
CVE-2025-10695 OpenSupports 4.11.0 — SSRF via test imap and smtp endpoints — OpenSupports 7.5AIHighAI2025-10-03
CVE-2025-61735 Apache Kylin: Server-Side Request Forgery — Apache Kylin 9.1AICriticalAI2025-10-02
CVE-2025-20371 Unauthenticated Blind Server Side Request Forgery (SSRF) in Splunk Enterprise — Splunk Enterprise 7.5 High2025-10-01
CVE-2025-10735 Block For Mailchimp – Easy Mailchimp Form Integration <= 1.1.12 - Unauthenticated Blind Server-Side Request Forgery — Block for Mailchimp – Add Email Subscription Forms and Collect Leads 4.0 Medium2025-10-01
CVE-2025-11046 Tencent WeKnora test testEmbeddingModel server-side request forgery — WeKnora 7.3 High2025-09-26
CVE-2025-60181 WordPress Silencesoft RSS Reader Plugin <= 0.6 - Server Side Request Forgery (SSRF) Vulnerability — Silencesoft RSS Reader 5.4 Medium2025-09-26
CVE-2025-60161 WordPress ZoloBlocks Plugin <= 2.3.11 - Server Side Request Forgery (SSRF) Vulnerability — ZoloBlocks 5.4 Medium2025-09-26
CVE-2025-10137 Snow Monkey <= 29.1.5 - Unauthenticated Blind Server-Side Request Forgery — Snow Monkey 5.4 Medium2025-09-26
CVE-2025-42907 Server-Side Request Forgery in SAP BI Platform — SAP BI Platform 4.3 Medium2025-09-23
CVE-2025-59527 FlowiseAI/Flowise has Server-Side Request Forgery (SSRF) vulnerability — Flowise 7.5 High2025-09-22
CVE-2025-9960 is-localhost-ip 2.0.0 - SSRF via Restrictions bypass — is-localhost-ip 9.1AICriticalAI2025-09-22
CVE-2025-58962 WordPress Publitio Plugin <= 2.2.1 - Server Side Request Forgery (SSRF) Vulnerability — Publitio 6.4 Medium2025-09-22
CVE-2025-53457 WordPress SEO Backlink Monitor plugin <= 1.8.0 - Server Side Request Forgery (SSRF) vulnerability — SEO Backlink Monitor 4.4 Medium2025-09-22
CVE-2025-53461 WordPress Beaf Plugin <= 1.6.2 - Server Side Request Forgery (SSRF) Vulnerability — Beaf 4.4 Medium2025-09-22
CVE-2025-57943 WordPress Skimlinks Affiliate Marketing Tool plugin <= 1.3.1 - Server Side Request Forgery (SSRF) vulnerability — Skimlinks Affiliate Marketing Tool 4.4 Medium2025-09-22
CVE-2025-57984 WordPress MakeStories (for Google Web Stories) Plugin <= 3.0.4 - Server Side Request Forgery (SSRF) Vulnerability — MakeStories (for Google Web Stories) 4.4 Medium2025-09-22
CVE-2025-58005 WordPress DriCub Theme <= 2.9 - Server Side Request Forgery (SSRF) Vulnerability — DriCub 5.4 Medium2025-09-22
CVE-2025-58011 WordPress Content Mask plugin <= 1.8.5.2 - Server Side Request Forgery (SSRF) vulnerability — Content Mask 6.4 Medium2025-09-22
CVE-2025-36037 IBM webMethods Integration server-side request forgery — webMethods Integration 5.4 Medium2025-09-22
CVE-2025-10787 MuYuCMS Add Fiend Link index.html server-side request forgery — MuYuCMS 6.3 Medium2025-09-22
CVE-2025-10765 SeriaWei ZKEACMS SEOSuggestions ZKEACMS.SEOSuggestions.dll server-side request forgery — ZKEACMS 4.7 Medium2025-09-21
CVE-2025-10764 SeriaWei ZKEACMS Event Action System PendingTaskController.cs Edit server-side request forgery — ZKEACMS 6.3 Medium2025-09-21
CVE-2025-10760 Harness lookup_repo.go LookupRepo server-side request forgery — Harness 6.3 Medium2025-09-21
CVE-2025-26515 CVE-2025-26515 Server-Side Request Forgery Vulnerability in StorageGRID (formerly StorageGRID Webscale) — StorageGRID 7.5 High2025-09-19
CVE-2025-59344 AliasVault Vulnerable to Server-Side Request Forgery via Favicon Extraction — aliasvault 7.7 High2025-09-19
CVE-2025-59346 Dragonfly server-side request forgery vulnerability — dragonfly 4.6AIMediumAI2025-09-17
CVE-2025-9862 Ghost 6.0.6 - SSRF via oEmbed Bookmark — Ghost 7.5AIHighAI2025-09-17
CVE-2025-59437 node-ip 代码问题漏洞 — ip 3.2 Low2025-09-16
CVE-2025-59436 node-ip 代码问题漏洞 — ip 3.2 Low2025-09-16

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1540 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.