CVE-2025-55150 Overview
CVE-2025-55150 is a Server-Side Request Forgery (SSRF) vulnerability discovered in Stirling-PDF, a locally hosted web application designed for performing various operations on PDF files. The vulnerability exists in the /api/v1/convert/html/pdf endpoint, which is used to convert HTML content to PDF format. When processing HTML input, the backend relies on a third-party tool and implements a sanitizer for security purposes. However, this sanitizer can be bypassed, allowing attackers to exploit SSRF and make unauthorized requests from the server to internal or external resources.
Critical Impact
Attackers can bypass the HTML sanitizer to perform SSRF attacks, potentially accessing internal services, cloud metadata endpoints, or sensitive internal network resources from the Stirling-PDF server.
Affected Products
- Stirling-PDF versions prior to 1.1.0
- Self-hosted Stirling-PDF deployments using the HTML to PDF conversion feature
- Docker and standalone installations with the vulnerable endpoint exposed
Discovery Timeline
- 2025-08-11 - CVE-2025-55150 published to NVD
- 2025-08-15 - Last updated in NVD database
Technical Details for CVE-2025-55150
Vulnerability Analysis
This SSRF vulnerability (CWE-918: Server-Side Request Forgery) affects the HTML to PDF conversion functionality in Stirling-PDF. The application's HTML sanitizer, designed to prevent malicious input from being processed, contains bypass vulnerabilities that allow attackers to inject URLs that trigger server-side requests. When a user submits specially crafted HTML content to the conversion endpoint, the application processes embedded resources (such as images, stylesheets, or other linked content) by fetching them from the server side. By bypassing the sanitizer, attackers can direct these requests to arbitrary destinations, including internal network resources, localhost services, and cloud metadata endpoints.
The vulnerability is particularly impactful because Stirling-PDF is typically deployed as an internal tool, meaning successful exploitation could provide attackers with access to sensitive internal infrastructure that would otherwise be unreachable from external networks.
Root Cause
The root cause of this vulnerability lies in the insufficient URL validation and sanitization logic within the CustomHtmlSanitizer class. Prior to the patch, the sanitizer did not adequately validate URLs embedded in HTML attributes, allowing attackers to craft payloads that bypass the security controls. The original implementation lacked proper SSRF protection mechanisms to validate that requested URLs point to safe, external resources rather than internal network addresses or sensitive endpoints.
Attack Vector
The attack is conducted over the network without requiring authentication or user interaction. An attacker sends a malicious HTTP request to the /api/v1/convert/html/pdf endpoint containing HTML with specially crafted URLs designed to bypass the sanitizer. These URLs can target:
- Internal services running on localhost (127.0.0.1)
- Cloud provider metadata endpoints (e.g., 169.254.169.254)
- Internal network resources accessible from the Stirling-PDF server
- Other services within the same Docker network or Kubernetes cluster
The patch introduces proper SSRF protection through a dedicated SsrfProtectionService that validates URLs before allowing the server to fetch resources.
// Security patch introducing SSRF protection service
// Source: https://github.com/Stirling-Tools/Stirling-PDF/commit/7d6b70871bad2a3ff810825f7382c49f55293943
@Component
public class CustomHtmlSanitizer {

    private final SsrfProtectionService ssrfProtectionService;
    private final ApplicationProperties applicationProperties;

    @Autowired
    public CustomHtmlSanitizer(
            SsrfProtectionService ssrfProtectionService,
            ApplicationProperties applicationProperties) {
        this.ssrfProtectionService = ssrfProtectionService;
        this.applicationProperties = applicationProperties;
    }

    private final AttributePolicy SSRF_SAFE_URL_POLICY =
            new AttributePolicy() {
                @Override
                // URL validation logic using ssrfProtectionService
            };
}
Source: GitHub Commit
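The kind of destination check an SSRF guard applies before a server-side fetch, as an added Python sketch; it is not Stirling-PDF's SsrfProtectionService, whose logic is not shown on this page. The names check_fetch_url, resolve_all and is_internal and the http/https-only scheme list are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # assumption: the renderer only needs web fetches


def resolve_all(host):
    """Default resolver (hypothetical helper): every address the name maps to."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return [info[4][0] for info in infos]


def is_internal(addr):
    """True for loopback, RFC 1918, link-local and other non-public addresses."""
    ip = ipaddress.ip_address(addr)
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_unspecified or ip.is_multicast or ip.is_reserved)


def check_fetch_url(url, resolver=resolve_all):
    """Return (allowed, reason) for a URL the server is about to fetch."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if not host:
        return False, "no host in URL"
    try:
        # An IP literal is judged as written; a name is judged by what it resolves to.
        addrs = [str(ipaddress.ip_address(host))]
    except ValueError:
        try:
            addrs = resolver(host)
        except OSError:
            return False, f"{host} does not resolve"
    if not addrs:
        return False, f"{host} does not resolve"
    # Every resolved address must be public: one internal record is enough to refuse.
    for addr in addrs:
        if is_internal(addr):
            return False, f"{host} resolves to internal address {addr}"
    return True, "ok"
```

The verdict only holds if the component that performs the fetch connects to the address that was checked, so egress filtering on the host remains the backstop.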
Detection Methods for CVE-2025-55150
Indicators of Compromise
- Unusual outbound requests from the Stirling-PDF server to internal IP ranges (10.x.x.x, 172.16.x.x, 192.168.x.x)
- Requests to cloud metadata endpoints (169.254.169.254) originating from the application server
- High volume of requests to the /api/v1/convert/html/pdf endpoint with suspicious HTML payloads
- Server logs showing connections to localhost services or unexpected internal hostnames
Detection Strategies
- Monitor network traffic from Stirling-PDF servers for connections to RFC 1918 private IP addresses or link-local addresses
- Implement web application firewall (WAF) rules to detect SSRF payloads in HTML content submitted to conversion endpoints
- Review application logs for conversion requests containing suspicious URL patterns such as file://, gopher://, or internal hostnames
- Deploy network segmentation monitoring to detect lateral movement attempts originating from the PDF application server
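The network-side checks from the indicator list and the first detection strategy above, as an added Python example that is not part of the original advisory. The log format, the sample records, the application host address 10.20.0.15 and the expected-destination allowlist are all constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
METADATA = ipaddress.ip_address("169.254.169.254")

# Constructed sample records in an assumed format: "<time> <src> <dst> <dst_port>".
SAMPLE_FLOWS = [
    "2025-08-12T10:01:02Z 10.20.0.15 93.184.216.34 443",
    "2025-08-12T10:01:07Z 10.20.0.15 169.254.169.254 80",
    "2025-08-12T10:01:09Z 10.20.0.15 10.20.0.53 53",
    "2025-08-12T10:02:11Z 10.20.0.15 192.168.4.20 8080",
    "2025-08-12T10:02:30Z 10.20.0.99 10.0.0.7 22",
    "truncated record",
]


def classify(dst):
    """Name the internal range a destination falls in, or None if it is public."""
    ip = ipaddress.ip_address(dst)
    if ip == METADATA:
        return "cloud-metadata"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if any(ip in net for net in RFC1918):
        return "rfc1918"
    return None


def triage(lines, app_host, expected=frozenset()):
    """Flows from app_host to internal destinations not in expected {(dst, port)}."""
    findings = []
    for line in lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip records that do not match the assumed format
        ts, src, dst, port = fields
        try:
            category, port = classify(dst), int(port)
        except ValueError:
            continue  # unparseable address or port
        if src == app_host and category and (dst, port) not in expected:
            findings.append((ts, dst, port, category))
    return findings
```

Listing the server's legitimate internal dependencies in `expected` (here a constructed DNS resolver entry) keeps the findings limited to destinations the PDF server has no reason to contact.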
Monitoring Recommendations
- Enable verbose logging on the Stirling-PDF application to capture all HTML to PDF conversion requests
- Configure egress filtering alerts on firewalls to detect unexpected outbound connections from application servers
- Implement DNS logging to identify resolution attempts for internal hostnames from the Stirling-PDF server
- Use SentinelOne Singularity to monitor for suspicious network behavior and process activity on systems running Stirling-PDF
How to Mitigate CVE-2025-55150
Immediate Actions Required
- Upgrade Stirling-PDF to version 1.1.0 or later immediately to address this vulnerability
- If immediate upgrade is not possible, disable the HTML to PDF conversion endpoint by blocking access to /api/v1/convert/html/pdf
- Implement network segmentation to restrict the Stirling-PDF server's ability to access sensitive internal resources
- Review access logs for any suspicious activity that may indicate prior exploitation attempts
Patch Information
The vulnerability has been addressed in Stirling-PDF version 1.1.0. The fix introduces a comprehensive SsrfProtectionService that validates all URLs before allowing the server to fetch external resources. The patch also adds an SSRF_SAFE_URL_POLICY attribute policy to the HTML sanitizer that leverages this protection service. Users should update by pulling the latest version from the official Stirling-PDF repository or Docker image.
For reference, see the GitHub Security Advisory and patch commit.
Workarounds
- Disable the HTML to PDF conversion feature entirely if not required for business operations
- Implement strict network egress controls to prevent the Stirling-PDF server from initiating connections to internal networks
- Deploy a reverse proxy with URL filtering to inspect and block requests containing SSRF payloads before they reach the application
- Use application-level access controls to restrict which users can access the conversion endpoint
# Example: Block the vulnerable endpoint using nginx until patch is applied
location /api/v1/convert/html/pdf {
    deny all;
    return 403;
}
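
# Example: Restrict egress from Stirling-PDF using iptables.
# The owner match only applies to locally generated packets, so these rules cover a
# standalone process running as the local user stirling-pdf. Traffic from a bridged
# Docker container is forwarded rather than sent through OUTPUT and needs equivalent
# rules in the FORWARD path (Docker's DOCKER-USER chain).
iptables -A OUTPUT -m owner --uid-owner stirling-pdf -d 10.0.0.0/8 -j DROP
iptables -A OUTPUT -m owner --uid-owner stirling-pdf -d 172.16.0.0/12 -j DROP
iptables -A OUTPUT -m owner --uid-owner stirling-pdf -d 192.168.0.0/16 -j DROP
iptables -A OUTPUT -m owner --uid-owner stirling-pdf -d 169.254.169.254 -j DROP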
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

