Vulnerabilities

CVE-2026-25870 - DoraCMS <= 3.1 ueditor remote image fetch ssrf

2026-02-11 0 views admin

CVE ID : CVE-2026-25870 Published : Feb. 10, 2026, 10:16 p.m. | 40 minutes ago Description : DoraCMS version 3.1 and prior contains a server-side request forgery (SSRF) vulnerability in its UEditor remote image fetch functionality. The application accepts user-supplied URLs and performs server-side HTTP or HTTPS requests without sufficient validation or destination restrictions. The implementation does not enforce allowlists, block internal or private IP address ranges, or apply request timeouts or response size limits. An attacker can abuse this behavior to induce the server to issue outbound requests to arbitrary hosts, including internal network resources, potentially enabling internal network scanning and denial of service through resource exhaustion. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-25870

Severity

MEDIUM

Published

Feb. 10, 2026

Attack Vector: network

Impact: SSRF

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-25870medium

CVE-2026-25870 - DoraCMS <= 3.1 ueditor remote image fetch ssrf

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-25872 - JUNG Smart Panel 5.1 KNX Unauthenticated Path Traversal

CVE-2025-12699 - ZOLL ePCR IOS Mobile Application Insertion of Sensitive Information into Externa...

CVE-2026-26006 - Redos (Regular Expression Denial of Service) at Code Extraction Block in signifi...

CVE-2026-26007 - cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting