Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1540

1540 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CWE-918, Server-Side Request Forgery, is a critical web security weakness where an application allows users to specify URLs that the server subsequently fetches without adequate validation. Attackers typically exploit this by manipulating input parameters to force the server to access internal resources, such as cloud metadata services or local network endpoints, which are otherwise inaccessible from the outside. This bypasses perimeter defenses, potentially leading to sensitive data exposure or internal network reconnaissance. To mitigate SSRF, developers must implement strict input validation, ensuring that only whitelisted domains and protocols are permitted. Additionally, employing network-level controls like firewalls to restrict outbound connections from the application server and isolating internal services from public-facing interfaces significantly reduces the attack surface, preventing unauthorized internal access.

MITRE CWE Description
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Common Consequences (3)
ConfidentialityRead Application Data
IntegrityExecute Unauthorized Code or Commands
Access ControlBypass Protection Mechanism
By providing URLs to unexpected hosts or ports, attackers can make it appear that the server is sending the request, possibly bypassing access controls such as firewalls that prevent the attackers from accessing the URLs directly. The server can be used as a proxy to conduct port scanning of hosts i…
Examples (1)
This code intends to receive a URL from a user, access the URL, and return the results to the user.
$url = $_GET['url']; # User-controlled input # Fetch the content of the provided URL $response = file_get_contents($url); echo $response;
Bad · PHP
# Define allowed URLs (or domains) $allowed_urls = [ 'https://example.com/data.json', 'https://api.example.com/info', ]; # Get the user-provided URL $url = $_GET['url'] ?? ''; # Validate against allowed URLs if (!in_array($url, $allowed_urls)) { http_response_code(400); echo "Invalid or unauthorized URL."; exit; } # Fetch content safely $response = @file_get_contents($url); if ($response === false) { http_response_code(500); echo "Failed to fetch content."; exit; } echo htmlspecialchars($response); # Escape output for safety
Good · PHP
CVE IDTitleCVSSSeverityPublished
CVE-2025-49984 WordPress PowerPress Podcasting plugin <= 11.13.11 - Server Side Request Forgery (SSRF) Vulnerability — PowerPress Podcasting 4.9 Medium2025-06-20
CVE-2025-52713 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.8 - Server Side Request Forgery (SSRF) Vulnerability — Post and Page Builder by BoldGrid 6.4 Medium2025-06-20
CVE-2025-30680 Trend Micro Apex Central 安全漏洞 — Trend Micro Apex Central 7.5 High2025-06-17
CVE-2025-30679 Trend Micro Apex Central 安全漏洞 — Trend Micro Apex Central 6.5 Medium2025-06-17
CVE-2025-30678 Trend Micro Apex Central 安全漏洞 — Trend Micro Apex Central 6.5 Medium2025-06-17
CVE-2025-49877 WordPress ProfileGrid plugin <= 5.9.5.2 - Server Side Request Forgery (SSRF) Vulnerability — ProfileGrid 4.9 Medium2025-06-17
CVE-2025-6142 Intera InHire server-side request forgery — InHire 6.3 Medium2025-06-16
CVE-2025-6087 SSRF vulnerability in opennextjs-cloudflare via /_next/image endpoint 9.1AICriticalAI2025-06-16
CVE-2025-49190 Server-Side Request Forgery — SICK Field Analytics 4.3 Medium2025-06-12
CVE-2023-48786 Fortinet FortiClientEMS 代码问题漏洞 — FortiClientEMS 4.1 Medium2025-06-10
CVE-2024-40625 GeoServer Coverage REST API Allows Server Side Request Forgery — geoserver 5.5 Medium2025-06-10
CVE-2024-29198 GeoServer Vulnerable to Unauthenticated SSRF via TestWfsPost — geoserver 7.5 High2025-06-10
CVE-2025-42988 Server-Side Request Forgery in SAP Business Objects Business Intelligence Platform — SAP Business Objects Business Intelligence Platform 3.7 Low2025-06-10
CVE-2025-29008 WordPress SocialMark plugin <= 2.0.7 - Server Side Request Forgery (SSRF) Vulnerability — SocialMark 4.9 Medium2025-06-06
CVE-2025-30976 WordPress Nexa Blocks plugin <= 1.1.1 - Server Side Request Forgery (SSRF) vulnerability — Nexa Blocks 4.9 Medium2025-06-06
CVE-2025-30997 WordPress Car Repair Services theme <= 5.0 - Server Side Request Forgery (SSRF) Vulnerability — Car Repair Services 5.4 Medium2025-06-06
CVE-2025-46341 Privilege escalation via SSRF when using HTTP auth — FreshRSS 7.1 High2025-06-04
CVE-2025-48962 Acronis Cyber Protect 代码问题漏洞 — Acronis Cyber Protect 16 7.5AIHighAI2025-06-04
CVE-2025-5510 quequnlong shiyi-blog optimize server-side request forgery — shiyi-blog 6.3 Medium2025-06-03
CVE-2024-7073 Unauthenticated Server-Side Request Forgery (SSRF) in Multiple WSO2 Products via SOAP Admin Services — WSO2 Identity Server as Key Manager 6.5 Medium2025-06-02
CVE-2025-5327 chshcms mccms Gf.php index server-side request forgery — mccms 6.3 Medium2025-05-29
CVE-2025-4967 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS — Portal for ArcGIS 9.1 Critical2025-05-29
CVE-2024-52588 Strapi allows Server-Side Request Forgery in Webhook function — strapi 4.9 Medium2025-05-29
CVE-2025-5276 Markdownify MCP Server 安全漏洞 — mcp-markdownify-server 7.4 High2025-05-29
CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery — JeeSite 6.3 Medium2025-05-26
CVE-2025-5140 Seeyon Zhiyuan OA Web Application System ThirdMenuController.class this.oursNetService.getData server-side request forgery — Zhiyuan OA Web Application System 6.3 Medium2025-05-25
CVE-2025-48739 StrangeBee TheHive 代码问题漏洞 — TheHive 5.5AIMediumAI2025-05-23
CVE-2024-13957 SSRF Server Side Request Forgery — ASPECT-Enterprise 7.6 High2025-05-22
CVE-2025-47936 TYPO3 Vulnerable to Server Side Request Forgery via Webhooks — typo3 3.3 Low2025-05-20
CVE-2025-36560 appleple a-blog cms 代码问题漏洞 — a-blog cms 8.6 High2025-05-19

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1540 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.