
CVE-2025-55150: Stirling PDF SSRF Vulnerability

CVE-2025-55150 is an SSRF vulnerability in Stirling PDF that allows attackers to bypass security sanitization during HTML to PDF conversion. This article covers technical details, affected versions, impact, and mitigation.


CVE-2025-55150 Overview

CVE-2025-55150 is a Server-Side Request Forgery (SSRF) vulnerability in Stirling-PDF, a locally hosted web application for PDF file operations. The flaw affects the /api/v1/convert/html/pdf endpoint, which converts HTML input to PDF output. The endpoint relies on a third-party tool with a sanitizer for security filtering, but attackers can bypass the sanitizer to trigger outbound requests from the server. The vulnerability exists in all versions prior to 1.1.0 and was patched in version 1.1.0. The issue is tracked under CWE-918: Server-Side Request Forgery.

Critical Impact

Unauthenticated attackers can abuse the HTML-to-PDF conversion endpoint to send arbitrary requests from the Stirling-PDF server, potentially reaching internal services, cloud metadata endpoints, or other restricted network resources.

Affected Products

  • Stirling-PDF versions prior to 1.1.0
  • Self-hosted Stirling-PDF deployments exposing the HTML-to-PDF conversion API
  • Containerized Stirling-PDF instances reachable over the network

Discovery Timeline

  • 2025-08-11 - CVE-2025-55150 published to NVD
  • 2025-08-15 - Last updated in NVD database

Technical Details for CVE-2025-55150

Vulnerability Analysis

Stirling-PDF exposes the /api/v1/convert/html/pdf endpoint to transform user-supplied HTML into PDF output. The backend delegates rendering to a third-party tool that fetches remote resources referenced by the HTML. To restrict outbound requests, the application applies a sanitizer that filters disallowed URLs. The sanitizer fails to block all bypass techniques, allowing crafted HTML payloads to trigger server-side requests to attacker-chosen destinations.

SSRF flaws in HTML rendering pipelines typically arise when sanitizers rely on string matching or incomplete URL parsing. Attackers commonly defeat such filters using DNS rebinding, URL-encoded payloads, redirect chains, or alternate IP representations. Once outbound requests succeed, the rendered PDF or response timing can leak content from internal endpoints, including cloud instance metadata services such as 169.254.169.254.

Root Cause

The root cause is incomplete input validation in the URL sanitizer used before invoking the third-party HTML renderer. The filter does not normalize URLs or constrain network destinations to an allow-list, so HTML elements that reference external resources can be coerced into reaching internal hosts.

Attack Vector

The attack vector is network-based and requires no authentication or user interaction. An attacker submits an HTTP POST request to /api/v1/convert/html/pdf containing HTML that references attacker-controlled URLs or internal targets. The server fetches these resources during PDF rendering, and the fetched data or the side effects of the requests reach the attacker through the generated PDF.

The vulnerability manifests in the HTML-to-PDF conversion logic. See the GitHub Security Advisory GHSA-xw8v-9mfm-g2pm and the patch commit 7d6b708 for technical details on the fix.

Detection Methods for CVE-2025-55150

Indicators of Compromise

  • Unexpected outbound HTTP/HTTPS connections originating from the Stirling-PDF process to internal IP ranges or cloud metadata addresses such as 169.254.169.254
  • Requests to /api/v1/convert/html/pdf containing HTML with <img>, <link>, <iframe>, or <object> tags referencing internal hostnames or IP literals
  • Generated PDFs containing content sourced from internal services not intended for public consumption

Detection Strategies

  • Inspect web server access logs for POST requests to /api/v1/convert/html/pdf and correlate with subsequent egress traffic from the application host
  • Deploy egress monitoring rules that flag connections from the Stirling-PDF service to RFC1918 ranges, link-local addresses, and cloud metadata endpoints
  • Apply Web Application Firewall (WAF) signatures that inspect submitted HTML bodies for references to internal IP literals or metadata hostnames
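
Added example (not Stirling-PDF's code and not the upstream patch): a Python check of the kind the body-inspection strategy above and the Root Cause section call for, which normalizes each referenced host before classifying it, so integer, hex, octal and IPv4-mapped forms are caught as well as plain dotted literals. The function names, the `.internal`/`localhost` name rule and the sample body are assumptions made for illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

URL_ATTRS = {"src", "href", "data"}  # attributes whose value the renderer may fetch
_NUM = re.compile(r"(0x[0-9a-f]+|0[0-7]*|[1-9][0-9]*)\Z")

def parse_ipv4_loose(host):
    """inet_aton-style IPv4: 1-4 parts, each decimal, 0x hex or leading-0 octal."""
    parts = host.split(".")
    if len(parts) > 4 or not all(_NUM.match(p) for p in parts):
        return None
    nums = [int(p, 16 if p.startswith("0x") else 8 if p.startswith("0") else 10)
            for p in parts]
    *lead, last = nums
    if any(n > 255 for n in lead) or last >= 256 ** (4 - len(lead)):
        return None  # a part does not fit in the bytes it stands for
    return ipaddress.IPv4Address(sum(n << (8 * (3 - i)) for i, n in enumerate(lead)) + last)

def url_is_internal(url):
    """True when the URL's host normalizes to loopback, private or link-local space."""
    try:
        host = unquote(urlsplit(url.strip()).hostname or "").rstrip(".").lower()
    except ValueError:
        return True  # malformed authority (e.g. unclosed bracket): fail closed
    ip = parse_ipv4_loose(host)
    if ip is None:
        try:
            ip = ipaddress.ip_address(host)  # IPv6 literal
        except ValueError:
            # Assumption: names are judged by suffix; DNS answers are left to egress rules.
            return host == "localhost" or host.endswith((".localhost", ".internal"))
    ip = getattr(ip, "ipv4_mapped", None) or ip
    return ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_unspecified

class _Refs(HTMLParser):
    def handle_starttag(self, tag, attrs):
        self.found += [(tag, v) for k, v in attrs if k in URL_ATTRS and v]

def internal_references(html_body):
    """Return (tag, url) pairs in a submitted HTML body that point at internal hosts."""
    parser = _Refs()
    parser.found = []
    parser.feed(html_body)
    return [(t, u) for t, u in parser.found if url_is_internal(u)]

# Constructed request body for illustration (not captured traffic).
SAMPLE = ('<img src="https://cdn.example.com/a.png"><img src="http://169.254.169.254/x">'
          '<link rel="stylesheet" href="http://0x7f000001/s.css">')
```

A string-level check like this cannot see redirects or a public name that resolves to an internal address, so it complements the egress monitoring in the previous bullet and does not replace it.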

Monitoring Recommendations

  • Enable structured logging on the Stirling-PDF container and forward logs to a centralized SIEM for retrospective hunting
  • Baseline normal outbound destinations for the application and alert on deviations
  • Monitor for unusually large or unusually small PDFs generated from the HTML conversion endpoint, which may indicate exfiltrated internal responses

How to Mitigate CVE-2025-55150

Immediate Actions Required

  • Upgrade Stirling-PDF to version 1.1.0 or later, which contains the official sanitizer fix
  • Restrict network access to the /api/v1/convert/html/pdf endpoint to trusted users or internal networks where feasible
  • Audit historical logs for suspicious POST payloads to the affected endpoint

Patch Information

The maintainers patched the vulnerability in Stirling-PDF version 1.1.0. The fix is delivered in commit 7d6b70871bad2a3ff810825f7382c49f55293943. Refer to the GitHub Security Advisory GHSA-xw8v-9mfm-g2pm for vendor guidance.

Workarounds

  • Block egress from the Stirling-PDF host to internal subnets, link-local addresses, and cloud metadata services at the network or container layer
  • Place Stirling-PDF behind a reverse proxy and disable the HTML-to-PDF endpoint if not required for business workflows
  • Run Stirling-PDF in an isolated network segment with no route to sensitive internal services

```bash
# Example iptables rules to block SSRF targets from the Stirling-PDF host
iptables -A OUTPUT -d 169.254.169.254 -j DROP
iptables -A OUTPUT -d 10.0.0.0/8 -j DROP
iptables -A OUTPUT -d 172.16.0.0/12 -j DROP
iptables -A OUTPUT -d 192.168.0.0/16 -j DROP
```

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
