WRITEUP

WRITEUP

Exploit for CVE-2025-59159 - SillyTavern <1.13.4 - SSRF

AI Analysis

This patch introduces host whitelisting middleware to mitigate DNS rebinding attacks by validating incoming host headers against a configurable whitelist. It includes a new error page, configuration options, and logging for untrusted hosts.

Attack Type

other

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1205 - Traffic Signaling

Loading exploit code...

Download ZIP Password: eip

Source

Platform Writeup

Type patch

Files 1

https://github.com/SillyTavern/SillyTavern/commit/d134abd50e4a416e3b81233242583b0a23f38320

Authors

Copilot Cohee

Vulnerability

CVE-2025-59159

SillyTavern <1.13.4 - SSRF

CRITICAL

CVSS 9.6