Login Sign Up

CVE-2025-10096

6.3 MEDIUM
SSRF

📋 TL;DR

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in SimStudioAI sim software up to version 1.0.0. Attackers can manipulate the filePath parameter in the route.ts API endpoint to make the server send unauthorized requests to internal or external systems. All users running vulnerable versions of SimStudioAI sim are affected.

💻 Affected Systems

Products:
  • SimStudioAI sim
Versions: Up to and including 1.0.0
Operating Systems: All platforms running the software
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the file parsing API endpoint at apps/sim/app/api/files/parse/route.ts

📦 What is this software?

Sim by Sim

View all CVEs affecting Sim →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could access internal services, exfiltrate sensitive data, or pivot to other systems within the network.

🟠

Likely Case

Unauthorized access to internal APIs, metadata services, or file systems accessible from the server.

🟢

If Mitigated

Limited impact with proper network segmentation and input validation controls.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploit has been publicly disclosed but no public PoC is confirmed. Attack requires remote access to the vulnerable endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in commit 3424a338b763115f0269b209e777608e4cd31785

Vendor Advisory: https://github.com/simstudioai/sim/commit/3424a338b763115f0269b209e777608e4cd31785

Restart Required: No

Instructions:

1. Update to the latest version of SimStudioAI sim. 2. Apply commit 3424a338b763115f0269b209e777608e4cd31785. 3. Verify the fix by testing the file parsing endpoint.

🔧 Temporary Workarounds

Input Validation

all

Implement strict validation on the filePath parameter to reject malicious inputs.

Network Segmentation

all

Restrict outbound network access from the vulnerable server to only necessary services.

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with SSRF protection rules.
  • Monitor and block suspicious outbound requests from the server.

🔍 How to Verify

Check if Vulnerable:

Check if your version is 1.0.0 or earlier and if the vulnerable route.ts file exists.

Check Version:

Check package.json or git log for version information.

Verify Fix Applied:

Verify that commit 3424a338b763115f0269b209e777608e4cd31785 is applied in your codebase.

📡 Detection & Monitoring

Log Indicators:

  • Unusual filePath parameter values in API logs
  • Outbound requests to unexpected internal/external IPs

Network Indicators:

  • Suspicious outbound HTTP requests from the server to internal services

SIEM Query:

source="api.log" AND (filePath CONTAINS "http://" OR filePath CONTAINS "file://" OR filePath CONTAINS "://")

📊 Metadata

CVE ID: CVE-2025-10096
CVSS v3 Score: 6.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-918
EPSS Score: 0.04% exploit probability (12.5th percentile)
Published: September 8, 2025
Last Updated: November 14, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-10096, you might also want to check these:

CVE-2023-3432 10.0

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in PlantUML versions prior to ...

Same vulnerability type (CWE-918)
CVE-2025-2828 10.0

This Server-Side Request Forgery (SSRF) vulnerability in langchain-community's RequestsToolkit allow...

Same vulnerability type (CWE-918)
CVE-2023-43654 10.0

TorchServe versions 0.1.0 to 0.8.1 have a critical vulnerability where the default configuration lac...

Same vulnerability type (CWE-918)