Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1540

1540 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CWE-918, Server-Side Request Forgery, is a critical web security weakness where an application allows users to specify URLs that the server subsequently fetches without adequate validation. Attackers typically exploit this by manipulating input parameters to force the server to access internal resources, such as cloud metadata services or local network endpoints, which are otherwise inaccessible from the outside. This bypasses perimeter defenses, potentially leading to sensitive data exposure or internal network reconnaissance. To mitigate SSRF, developers must implement strict input validation, ensuring that only whitelisted domains and protocols are permitted. Additionally, employing network-level controls like firewalls to restrict outbound connections from the application server and isolating internal services from public-facing interfaces significantly reduces the attack surface, preventing unauthorized internal access.

MITRE CWE Description
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Common Consequences (3)
ConfidentialityRead Application Data
IntegrityExecute Unauthorized Code or Commands
Access ControlBypass Protection Mechanism
By providing URLs to unexpected hosts or ports, attackers can make it appear that the server is sending the request, possibly bypassing access controls such as firewalls that prevent the attackers from accessing the URLs directly. The server can be used as a proxy to conduct port scanning of hosts i…
Examples (1)
This code intends to receive a URL from a user, access the URL, and return the results to the user.
$url = $_GET['url']; # User-controlled input # Fetch the content of the provided URL $response = file_get_contents($url); echo $response;
Bad · PHP
# Define allowed URLs (or domains) $allowed_urls = [ 'https://example.com/data.json', 'https://api.example.com/info', ]; # Get the user-provided URL $url = $_GET['url'] ?? ''; # Validate against allowed URLs if (!in_array($url, $allowed_urls)) { http_response_code(400); echo "Invalid or unauthorized URL."; exit; } # Fetch content safely $response = @file_get_contents($url); if ($response === false) { http_response_code(500); echo "Failed to fetch content."; exit; } echo htmlspecialchars($response); # Escape output for safety
Good · PHP
CVE IDTitleCVSSSeverityPublished
CVE-2025-55007 Knowage vulnerable to server-side request forgery — Knowage-Server 3.5 Low2025-09-01
CVE-2025-57822 Next.js Improper Middleware Redirect Handling Leads to SSRF — next.js 6.5 Medium2025-08-29
CVE-2025-53250 WordPress Chartbeat Plugin <= 2.0.7 - Server Side Request Forgery (SSRF) Vulnerability — Chartbeat 6.4 Medium2025-08-28
CVE-2025-48364 WordPress rajce plugin <= 0.4.2 - Server Side Request Forgery (SSRF) vulnerability — rajce 4.9 Medium2025-08-28
CVE-2025-58203 WordPress Solace Extra Plugin <= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability — Solace Extra 4.4 Medium2025-08-27
CVE-2025-57818 Firecrawl SSRF Vulnerability via malicious webhook — firecrawl 6.3 Medium2025-08-26
CVE-2025-57814 request-filtering-agent SSRF Bypass via HTTPS Requests — request-filtering-agent 9.1AICriticalAI2025-08-25
CVE-2025-9414 kalcaddle kodbox Download from Link serverDownload server-side request forgery — kodbox 4.7 Medium2025-08-25
CVE-2025-54370 PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser — PhpSpreadsheet 9.8AICriticalAI2025-08-25
CVE-2025-9402 HuangDou UTCMS Config update.php server-side request forgery — UTCMS 4.7 Medium2025-08-25
CVE-2025-9395 wangsongyan wblog backup.go RestorePost server-side request forgery — wblog 6.3 Medium2025-08-24
CVE-2025-7813 Event Manager, Events Calendar, Booking, Registrations and Tickets – Eventin <= 4.0.37 - Unauthenticated Server-Side Request Forgery — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) 7.2 High2025-08-23
CVE-2025-8678 WP Crontrol - 1.17.0 - 1.19.1 - Authenticated (Administrator+) Blind Server-Side Request Forgery — WP Crontrol 5.9 Medium2025-08-22
CVE-2025-43747 Liferay DXP 代码问题漏洞 — DXP 9.1AICriticalAI2025-08-21
CVE-2025-47700 AI plugin APIs can be triggered using post actions — Mattermost 3.5 Low2025-08-21
CVE-2025-1142 IBM Edge Application Manager server-side request forgery — Edge Application Manager 5.4 Medium2025-08-20
CVE-2025-54925 Schneider Electric EcoStruxure Power Monitoring Expert和EcoStruxure Power Operation AdvancedReporting and Dashboards Module 代码问题漏洞 — EcoStruxure™ Power Monitoring Expert (PME) 7.5 High2025-08-20
CVE-2025-54924 Schneider Electric EcoStruxure Power Monitoring Expert和EcoStruxure Power Operation AdvancedReporting and Dashboards Module 代码问题漏洞 — EcoStruxure™ Power Monitoring Expert (PME) 7.5 High2025-08-20
CVE-2024-39954 Apache EventMesh Runtime: SSRF — Apache EventMesh Runtime 9.1 -2025-08-20
CVE-2025-5260 SSRF in PozitifIK's Pik Online — Pik Online 8.6 High2025-08-20
CVE-2025-54234 ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918) — ColdFusion 2.7 Low2025-08-18
CVE-2025-8675 AI SEO Link Advisor - Less critical - Server-side Request Forgery - SA-CONTRIB-2025-095 — AI SEO Link Advisor 9.8AICriticalAI2025-08-15
CVE-2025-8013 Quttera Web Malware Scanner <= 3.5.1.41 - Authenticated (Administrator+) Server-Side Request Forgery — Quttera ThreatSign – Web Malware Scanner for WordPress 3.8 Low2025-08-15
CVE-2025-8680 B Slider - Gutenberg Slider Block for WP <= 2.0.0 - Authenticated (Subscriber+) Server-Side Request Forgery — bSlider – Create Responsive Image, Post, Product, and Video Sliders 4.3 Medium2025-08-15
CVE-2025-53241 WordPress Simplified plugin <= 1.0.11 - Server Side Request Forgery (SSRF) vulnerability — Simplified 5.5 Medium2025-08-14
CVE-2025-28987 WordPress PressForward <= 5.9.4 - Server Side Request Forgery (SSRF) vulnerability — PressForward 6.4 Medium2025-08-14
CVE-2025-53760 Microsoft SharePoint Elevation of Privilege Vulnerability — Microsoft SharePoint Enterprise Server 2016 7.1 High2025-08-12
CVE-2025-7622 AXIS Camera Station和AXIS Camera Station Pro 安全漏洞 — AXIS Camera Station Pro 6.5AIMediumAI2025-08-12
CVE-2025-55161 Stirling-PDF SSRF vulnerability on /api/v1/convert/markdown/pdf — Stirling-PDF 8.6 High2025-08-11
CVE-2025-55150 Stirling-PDF SSRF vulnerability on /api/v1/convert/html/pdf — Stirling-PDF 8.6 High2025-08-11

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1540 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.