Share
## https://sploitus.com/exploit?id=0AE69E37-9118-5450-A0BA-326F5595514D
# CVE-2025-45955
๐Ÿ•ณ๏ธ Server-Side Request Forgery in DonWeb Ferozo (CVE-2025-45955)
๐Ÿ“„ Description
An attacker can exploit this vulnerability by uploading and executing a specially crafted PHP file on the Ferozo hosting platform. When accessed, the file launches a series of SSRF attempts targeting internal services (such as 127.0.0.1, 169.254.169.254, or service mesh endpoints), local files (e.g., file:///etc/passwd), and known cloud metadata endpoints. The script collects responses or error messages, allowing the attacker to map internal infrastructure, enumerate accessible services, and gather sensitive information for further exploitation.

๐Ÿงช Proof of Concept (PoC)
The following code demonstrates the vulnerability:


๐ŸŽฏ Affected Component
Ferozo Hosting Platform (DonWeb)
PHP-based environments that allow user-uploaded or user-controlled PHP file execution
๐Ÿ”ฅ Impact
Information Disclosure: Leaks internal IPs, file contents, cloud metadata endpoints
Infrastructure Reconnaissance: Enables port and service enumeration (Docker, Kubelet, etc.)
Cloud Exploitation Potential: Probes known metadata endpoints such as AWS, GCP, and Alibaba
Chaining Opportunity: Can be paired with other local vulnerabilities for RCE or pivoting
๐Ÿ›ก๏ธ Remediation
Restrict file inclusion and URL access functions (file_get_contents, fopen, etc.)
Block access to internal IP ranges (127.0.0.0/8, 169.254.169.254, etc.) via outbound firewall rules
Audit and sanitize user inputs that may influence file paths or URLs
๐Ÿ“› CVE ID
CVE-2025-45955

๐Ÿ‘จโ€๐Ÿ’ป Discoverer
Reported by [Facundo Fernandez, Jinook Kim, Surendra Puppala / Security Researchers | @BYU]