PatchSiren cyber security CVE debrief
CVE-2026-25870 doramart CVE debrief
CVE-2026-25870 is a server-side request forgery (SSRF) vulnerability in DoraCMS version 3.1 and prior. The vulnerability exists in the UEditor remote image fetch functionality, which accepts user-supplied URLs and performs server-side HTTP or HTTPS requests without sufficient validation or destination restrictions. This allows an attacker to induce the server to issue outbound requests to arbitrary hosts, potentially enabling internal network scanning and denial of service through resource exhaustion.
- Vendor
- doramart
- Product
- DoraCMS
- CVSS
- MEDIUM 6.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-10
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-02-10
- Advisory updated
- 2026-07-14
Who should care
Administrators and users of DoraCMS version 3.1 and prior should be aware of this vulnerability and take necessary actions to mitigate it. This vulnerability can be used to scan internal networks and cause denial of service attacks, potentially leading to significant disruptions and security risks.
Technical summary
The vulnerability exists in the UEditor remote image fetch functionality of DoraCMS version 3.1 and prior. The application does not enforce allowlists, block internal or private IP address ranges, or apply request timeouts or response size limits. This lack of validation and restriction allows an attacker to submit arbitrary URLs, which the server will then process, potentially leading to SSRF attacks. The absence of these security measures enables attackers to induce the server to issue outbound requests to arbitrary hosts, including internal network resources, which could lead to internal network scanning and denial of service through resource exhaustion. Further verification of the vulnerability's impact and affected systems is necessary to understand the full scope of the risk.
Defensive priority
High
Recommended defensive actions
- Update DoraCMS to a version that fixes the SSRF vulnerability
- Implement allowlists and block internal or private IP address ranges
- Apply request timeouts and response size limits to prevent resource exhaustion
- Monitor server logs for suspicious activity
- Consider implementing additional security measures such as web application firewalls
Evidence notes
The CVE record and NVD detail provide information about the vulnerability, but the source item and references provide additional context and potential mitigations. However, the evidence is limited, and further verification is necessary to fully understand the vulnerability and its impact.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-02-10T23:16:16.287Z and has not been modified since then. The NVD entry is currently Deferred.