Ameeba Blog Logo
Ameeba Chat App store presentation
Download Ameeba Chat Today
Ameeba Blog Search

CVE-2025-55161: Critical SSRF Vulnerability in Stirling-PDF Application

Ameeba’s Mission: Safeguarding privacy by securing data and communication with our patented anonymization technology.

Overview

The CVE-2025-55161 vulnerability is a critical security flaw that has been identified in the Stirling-PDF web application. This vulnerability specifically affects the /api/v1/convert/markdown/pdf endpoint of the Stirling-PDF application which is used to convert Markdown to PDF files. The vulnerability has the potential to be heavily exploited, leading to system compromise or potential data leakage. Given the severity of the issue, it is crucial for system administrators and developers who are using the application to understand the nature of this vulnerability, how it can be exploited, and the necessary steps to mitigate its potential impact.

Vulnerability Summary

CVE ID: CVE-2025-55161
Severity: Critical (CVSS 8.6)
Attack Vector: Network
Privileges Required: None
User Interaction: None
Impact: System compromise or data leakage

Affected Products

Ameeba Chat Icon Escape the Surveillance Era

Most apps won’t tell you the truth.
They’re part of the problem.

Phone numbers. Emails. Profiles. Logs.
It’s all fuel for surveillance.

Ameeba Chat gives you a way out.

  • • No phone number
  • • No email
  • • No personal info
  • • Anonymous aliases
  • • End-to-end encrypted

Chat without a trace.

Product | Affected Versions

Stirling-PDF | Prior to version 1.1.0

How the Exploit Works

The vulnerability exists because of an improper sanitization mechanism while converting Markdown to PDF. The Stirling-PDF application uses a third-party tool to process this conversion and includes a sanitizer for security sanitization. However, this sanitization can be bypassed, leading to a Server-Side Request Forgery (SSRF) vulnerability. An attacker can exploit this vulnerability to cause the server to send HTTP requests to an arbitrary destination, possibly leading to system compromise or data leakage.

Conceptual Example Code

POST /api/v1/convert/markdown/pdf HTTP/1.1
Host: vulnerable-host.example.com
Content-Type: application/json
{ "markdown": "![](http://malicious-site.com/ssrf-payload)" }

In the above example, an attacker uses the Markdown image syntax to craft a malicious payload. The Stirling-PDF server will fetch the image from the URL, thereby sending a request to the attacker’s server.

Mitigation Guidance

Users are advised to immediately upgrade to version 1.1.0 of the Stirling-PDF application which contains a patch for this vulnerability. If upgrading is not immediately possible, the use of a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can provide temporary mitigation by blocking or alerting on suspicious requests to the /api/v1/convert/markdown/pdf endpoint. However, these temporary measures are not a substitute for patching the application.

Talk freely. Stay anonymous with Ameeba Chat.

Disclaimer:

The information and code presented in this article are provided for educational and defensive cybersecurity purposes only. Any conceptual or pseudocode examples are simplified representations intended to raise awareness and promote secure development and system configuration practices.

Do not use this information to attempt unauthorized access or exploit vulnerabilities on systems that you do not own or have explicit permission to test.

Ameeba and its authors do not endorse or condone malicious behavior and are not responsible for misuse of the content. Always follow ethical hacking guidelines, responsible disclosure practices, and local laws.

More posts

Ameeba Chat