CVE-2025-63551

HIGH

MetInfo CMS <8.1 - SSRF

Title source: llm

Description

A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE) injection, exists in MetInfo Content Management System (CMS) thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the server to initiate an HTTP request to an arbitrary internal or external network address. Successful exploitation could lead to internal network reconnaissance, port scanning, or the retrieval of sensitive information. The vulnerability may be present in the backend API called by or associated with the path `/admin/#/webset/?head_tab_active=0`, where user-provided XML data is processed.

References (2)

[Exploit, Third Party Advisory] https://github.com/sh4ll0t/SSRF-Vulnerability-in-MetInfo-via-XXE-Injection

View Exploit ZIP pw:eip

[Exploit, Third Party Advisory] https://github.com/sh4ll0t/SSRF-Vulnerability-in-MetInfo-via-XXE-Injection/blob/main/README.md

Scores

CVSS v3 7.5

EPSS 0.0005

EPSS Percentile 15.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-611 CWE-918

Status published

Products (1)

metinfo/metinfo < 8.1

Published Nov 06, 2025

Tracked Since Feb 18, 2026