CVE-2025-0184

MEDIUM LAB

langgenius/dify <0.11.0 - SSRF

Description

A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10.2. The vulnerability occurs in the 'Create Knowledge' section when uploading DOCX files. If the DOCX file contains an external relationship, the reltype value is requested as a URL using the 'requests' module directly instead of through the 'ssrf_proxy', leading to an SSRF vulnerability. This issue was fixed in version 0.11.0.

Exploits (1)

nomisec WORKING POC 1 stars
by m0d0ri205 · poc
https://github.com/m0d0ri205/wargame_Re-LS

Scores

CVSS v3 6.5
EPSS 0.0012
EPSS Percentile 30.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Lab Environment

COMMUNITY
Community Lab
docker pull portainer/portainer-ce:latest

Details

CWE
CWE-918
Status published
Products (1)
langgenius/dify < 0.11.0
Published Mar 20, 2025
Tracked Since Feb 18, 2026