
CVE-2025-2691: nossrf Server-Side Request Forgery (SSRF)

CVSS Score: 8.2 (CVSS 3.1)

Basic Information

EPSS Score: 0.13346%
Published: 3/23/2025
Updated: 3/25/2025
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Package Name: nossrf
Ecosystem: npm
Vulnerable Versions: (not listed)
First Patched Version: (not listed)

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability manifests in URL validation logic that checks hostnames without verifying the IP addresses they resolve to. The PoC explicitly shows the asyncValidateUrl function returning true for a hostname that resolves to 127.0.0.1, indicating that this function contains the flawed validation logic. As this is the primary SSRF protection function mentioned in the documentation and the PoC, and the CVE describes a bypass of the protection mechanism, this function is clearly implicated.

Vulnerable functions


WAF Protection Rules

WAF Rule

Versions of the package nossrf before *.*.* are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism.
