CVE-2025-55150: CWE-918: Server-Side Request Forgery (SSRF) in Stirling-Tools Stirling-PDF

Severity: High
Tags: Vulnerability, CVE-2025-55150, CWE-918
Published: Mon Aug 11 2025 (08/11/2025, 21:57:14 UTC)
Source: CVE Database V5
Vendor/Project: Stirling-Tools
Product: Stirling-PDF

Description

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when the /api/v1/convert/html/pdf endpoint is used to convert HTML to PDF, the backend calls a third-party tool to process the input and applies a sanitizer as a security measure; the sanitizer can be bypassed, resulting in SSRF. This issue has been patched in version 1.1.0.

AI-Powered Analysis

Last updated: 08/19/2025, 01:43:28 UTC

Technical Analysis

CVE-2025-55150 is a high-severity Server-Side Request Forgery (SSRF) vulnerability affecting Stirling-PDF, a locally hosted web application designed to perform various PDF file operations. The vulnerability exists in versions prior to 1.1.0, specifically in the /api/v1/convert/html/pdf endpoint, which converts HTML content into PDF format. During this process, the backend invokes a third-party tool to handle the conversion. Although a sanitizer is implemented to secure this operation, it can be bypassed, allowing an attacker to craft malicious requests that cause the server to make unintended HTTP requests to internal or external resources. SSRF vulnerabilities like this can be exploited to access internal network services, potentially exposing sensitive data or enabling further attacks such as port scanning, internal service enumeration, or exploitation of other vulnerabilities within the network. The CVSS score of 8.6 (high) reflects the vulnerability's potential to compromise confidentiality (high impact), with limited impact on integrity and availability. Notably, exploitation requires no authentication or user interaction, and the attack can be performed remotely over the network. The issue was patched in version 1.1.0 of Stirling-PDF, and no known exploits are currently reported in the wild. However, the presence of this vulnerability in a web-facing or internally accessible application poses a significant risk if left unpatched.

Potential Impact

For European organizations, the impact of this SSRF vulnerability can be substantial, especially for those relying on Stirling-PDF for document processing within their internal infrastructure or exposed web services. Exploitation could lead to unauthorized access to internal systems, leakage of sensitive information, or pivoting to other critical assets within the network. This is particularly concerning for sectors with strict data protection requirements such as finance, healthcare, and government institutions, where exposure of confidential documents or internal resources could result in regulatory penalties under GDPR and damage to reputation. Additionally, SSRF can be leveraged to bypass network segmentation and firewall rules, increasing the attack surface. Organizations using versions of Stirling-PDF prior to 1.1.0 are at risk until they apply the patch. The lack of required authentication for exploitation means that even external attackers without credentials could potentially leverage this vulnerability if the application is accessible externally or via VPN.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should immediately upgrade Stirling-PDF to version 1.1.0 or later, where the SSRF issue has been patched. If immediate upgrading is not feasible, organizations should implement strict network-level controls to restrict the server's outbound HTTP requests, limiting them only to trusted destinations. Employing web application firewalls (WAFs) with rules to detect and block SSRF patterns can provide additional protection. Furthermore, review and harden the configuration of the third-party tool used for HTML to PDF conversion to ensure it does not allow arbitrary URL fetching. Conduct internal network segmentation to isolate the PDF processing server from sensitive internal resources. Regularly audit logs for unusual outbound requests originating from the application. Finally, incorporate SSRF-specific detection in security monitoring and incident response plans to quickly identify and respond to exploitation attempts.
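The recommendation to ensure the converter "does not allow arbitrary URL fetching" can be enforced at the application boundary by checking every outbound reference before submitted HTML reaches the renderer. The following is an added example, not Stirling-PDF's own code or its 1.1.0 patch: it pulls URL references out of the HTML (src/href/data/poster attributes and CSS url()), resolves hostnames, and rejects anything with a non-HTTP scheme, a host that resolves to a non-public address (loopback, RFC 1918, link-local, IPv4-mapped IPv6), or a host with even one such record; the hostname table, example hosts and sample HTML are constructed.

```python
import ipaddress
import re
import socket
from urllib.parse import urlsplit

# URL-bearing HTML attributes plus CSS url(), captured as one group; a conservative audit gate.
_REF_RE = re.compile(r"""(?:\b(?:src|href|data|poster)\s*=\s*["']?|url\(\s*["']?)([^"')\s>]+)""", re.I)


def check_url(url, resolver=None):
    """Return None if url may be fetched, else a reason string (resolver is injectable for tests)."""
    resolver = resolver or (lambda h: sorted({i[4][0] for i in socket.getaddrinfo(h, None)}))
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    if scheme == "data":  # inline data: URIs cause no network request
        return None
    if scheme not in ("http", "https"):  # file: and other non-HTTP schemes are never legitimate here
        return f"scheme not allowed: {scheme or '<none>'}"
    if not (host := parts.hostname):
        return "missing host"
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal address: judge it directly
    except ValueError:
        try:
            addrs = resolver(host)  # hostname: check every record it resolves to
        except (OSError, ValueError, LookupError):  # gaierror, bad IDNA, or unknown in a table
            return f"unresolvable host: {host}"
    for addr in addrs:
        ip = ipaddress.ip_address(addr)
        if ip.version == 6 and ip.ipv4_mapped:  # ::ffff:127.0.0.1 is loopback in disguise
            ip = ip.ipv4_mapped
        if not ip.is_global:  # loopback, RFC 1918, link-local (cloud metadata), CGNAT, ...
            return f"{host} resolves to non-public address {ip}"
    return None


def find_blocked_refs(html, resolver=None):
    """Return [(url, reason)] for every reference in html that the converter must not fetch."""
    return [(u, r) for u in _REF_RE.findall(html) if (r := check_url(u, resolver)) is not None]


if __name__ == "__main__":
    # Constructed sample: a hostname table standing in for DNS, and an uploaded HTML document.
    table = {"cdn.example.test": ["200.200.200.200"], "intranet.example.test": ["10.0.0.5"]}
    sample_html = """<img src="http://cdn.example.test/logo.png">
<img src="http://intranet.example.test/admin">
<iframe src="file:///etc/hostname"></iframe>
<div style="background:url('http://169.254.169.254/latest/')"></div>"""
    for url, reason in find_blocked_refs(sample_html, lambda h: table[h]):
        print(f"BLOCK {url}: {reason}")
```

The check resolves names at validation time while the renderer resolves again when it fetches, so it complements rather than replaces the network-level egress restrictions recommended above.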

Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-08-07T18:27:23.305Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 689a6886ad5a09ad002967b9

Added to database: 8/11/2025, 10:02:46 PM

Last enriched: 8/19/2025, 1:43:28 AM

Last updated: 8/20/2025, 5:48:38 PM
