CVE-2025-27090 Overview
CVE-2025-27090 is a Server-Side Request Forgery (SSRF) vulnerability affecting Sliver, the popular open-source cross-platform adversary emulation and red team framework developed by BishopFox. The vulnerability exists in the reverse port forwarding functionality of the Sliver teamserver, where the implant can open a reverse tunnel on the teamserver without proper verification that an operator instructed the implant to do so.
This flaw allows an implant to autonomously establish reverse tunnel connections back to the teamserver without authorization from a legitimate operator, potentially exposing the teamserver's IP address to third parties. While the demonstrated impact is limited to IP address disclosure, this could have significant operational security implications for red team operations where infrastructure anonymity is critical.
Critical Impact
Unauthorized reverse tunnel creation in Sliver teamserver enables implants to expose the C2 server's IP address to third parties without operator authorization, compromising operational security.
Affected Products
- Bishopfox Sliver versions prior to 1.5.43
Discovery Timeline
- 2025-02-19 - CVE-2025-27090 published to NVD
- 2025-02-27 - Last updated in NVD database
Technical Details for CVE-2025-27090
Vulnerability Analysis
The vulnerability is classified as CWE-918 (Server-Side Request Forgery), stemming from missing authorization checks in the reverse tunnel handling code. When an implant requests to establish a reverse port forward connection, the teamserver did not verify whether this action was initiated by an operator through proper command channels. This architectural flaw allows implants to create outbound connections from the teamserver without proper authorization.
The core issue lies in the session handler for tunnel data requests. When processing TunnelData messages from implants, the server would immediately proceed with establishing connections to the specified remote address without checking against a list of pending, operator-authorized tunnel requests. This meant a compromised or malicious implant could dictate where the teamserver would connect, potentially leaking the server's network location.
Root Cause
The root cause is a missing verification step in the reverse tunnel creation flow. The teamserver's session handler processed TunnelData requests and established connections based solely on the implant's request parameters, without cross-referencing against pending tunnel requests that were explicitly initiated by an operator. The fix introduces a pending synchronization map to track operator-authorized tunnel requests and validates incoming implant requests against this authorized list.
Attack Vector
The vulnerability is exploitable over the network by a Sliver implant. An attacker who has compromised or controls an implant can instruct it to request reverse tunnel connections to arbitrary destinations. Since the teamserver blindly honored these requests, it would establish outbound connections to attacker-controlled infrastructure, thereby revealing its IP address. This attack requires the adversary to have access to an active implant session.
The patched code introduces a validation check that prevents unauthorized tunnel creation:
remoteAddress := fmt.Sprintf("%s:%d", req.Rportfwd.Host, req.Rportfwd.Port)
if !rtunnels.Check(session.ID, remoteAddress) {
sessionHandlerLog.Errorf("Session %s attempted to create reverse tunnel to %s without being initiated by a client", session.ID, remoteAddress)
return nil
}
defer rtunnels.DeletePending(session.ID)
var defaultDialer = new(net.Dialer)
Source: GitHub Commit - Fix for GHSA-fh4v-v779-4g2w
The patch also adds a pending sync.Map to the rtunnels module for tracking authorized tunnel requests:
var (
Rtunnels map[uint64]*RTunnel = make(map[uint64]*RTunnel)
mutex sync.RWMutex
pending sync.Map
)
Source: GitHub Commit - Fix for GHSA-fh4v-v779-4g2w
Detection Methods for CVE-2025-27090
Indicators of Compromise
- Unexpected outbound connections from the Sliver teamserver to external IP addresses
- Log entries indicating unauthorized reverse tunnel creation attempts from implant sessions
- Anomalous network traffic patterns from the teamserver to unknown destinations
- Sessions attempting to establish tunnels without corresponding operator commands in audit logs
Detection Strategies
- Monitor teamserver logs for error messages containing "attempted to create reverse tunnel...without being initiated by a client"
- Implement network-level monitoring to detect outbound connections from the teamserver to unexpected destinations
- Audit implant session activity and correlate with operator command history to identify discrepancies
- Deploy IDS/IPS rules to detect unusual tunnel establishment patterns from C2 infrastructure
Monitoring Recommendations
- Enable verbose logging on the Sliver teamserver to capture all tunnel-related activity
- Implement centralized log collection for teamserver instances to facilitate correlation analysis
- Set up alerts for any outbound connections from teamserver infrastructure that don't match expected targets
- Regularly review session activity logs to identify potential unauthorized actions
How to Mitigate CVE-2025-27090
Immediate Actions Required
- Upgrade Sliver teamserver to version 1.5.43 or later immediately
- Review teamserver logs for any evidence of unauthorized tunnel creation prior to patching
- Assess operational security impact if IP disclosure may have occurred
- Consider rotating C2 infrastructure if compromise is suspected
Patch Information
BishopFox has addressed this vulnerability in Sliver version 1.5.43. The fix implements a verification mechanism that ensures reverse tunnel requests from implants are only processed when they correspond to operator-initiated commands. Security patches are available through the following commits:
- Primary fix commit - Adds pending tunnel verification in the main branch
- Backport fix for v1.5.x - Applies the same fix to the 1.5.x release branch
For full details, refer to the GitHub Security Advisory GHSA-fh4v-v779-4g2w.
Workarounds
- There are no known workarounds for this vulnerability according to the vendor advisory
- Organizations should prioritize upgrading to version 1.5.43 as the only remediation path
- Consider deploying network-level egress filtering on teamserver infrastructure as a defense-in-depth measure
- Limit network exposure of teamserver instances where possible
# Upgrade Sliver to the patched version
# Clone or pull the latest Sliver repository
git clone https://github.com/BishopFox/sliver.git
cd sliver
git checkout v1.5.43
# Build the teamserver with the security fix
make
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
