CVE-2025-25301

7.5 HIGH

📋 TL;DR

CVE-2025-25301 is a server-side request forgery (SSRF) vulnerability in Rembg's /api/remove endpoint. The endpoint accepts a URL to fetch the input image from, and the server retrieves it without restricting the destination, so an attacker can make the Rembg server issue requests to hosts the attacker cannot reach directly, such as loopback services and internal network addresses. Responses are processed as images, so the primary impact is information disclosure about internal resources. Deployments running Rembg 2.0.57 or earlier with the API endpoint exposed are affected.

💻 Affected Systems

Products:
  • Rembg
Versions: 2.0.57 and earlier
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects deployments where the /api/remove endpoint is exposed and accessible.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete internal network reconnaissance leading to credential theft, lateral movement, and data exfiltration from internal services.

🟠

Likely Case

Information disclosure of internal images and metadata, potentially revealing internal network structure and sensitive data.

🟢

If Mitigated

Limited exposure with proper network segmentation and input validation in place.

🌐 Internet-Facing: HIGH - The API endpoint is designed to accept URLs, making internet-facing instances prime targets for SSRF attacks.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this to access other internal resources, but external attack surface is reduced.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability is straightforward to exploit: an attacker supplies a URL parameter that points at an internal address, and no authentication is required. A public proof of concept exists in the GitHub Security Lab advisory.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.58

Vendor Advisory: https://securitylab.github.com/advisories/GHSL-2024-161_GHSL-2024-162_rembg/

Restart Required: Yes

Instructions:

1. Update Rembg to version 2.0.58 or later using pip: pip install --upgrade "rembg>=2.0.58"
2. Restart any services using Rembg
3. Verify the fix by checking the version

🔧 Temporary Workarounds

Disable URL parameter functionality (applies to: all)

Modify the /api/remove endpoint to reject URL parameters and accept only direct file uploads, i.e. remove the URL-fetching branch from the endpoint handler so the server never retrieves remote content on a client's behalf.

Network segmentation (applies to: all)

Restrict the Rembg server's outbound network access so it cannot reach internal hosts: configure egress firewall rules that block connections from the Rembg host to internal ranges (loopback aside, the host normally needs none) and allow only the destinations it legitimately requires.

🧯 If You Can't Patch

  • Validate the URL parameter before fetching: allow only http/https, resolve the hostname, and reject the request if any resolved address is loopback, RFC 1918 (10/8, 172.16/12, 192.168/16), link-local 169.254/16 (which includes the cloud metadata address), or an IPv6 equivalent (::1, fc00::/7, fe80::/10, IPv4-mapped forms). Connect to the address you checked rather than re-resolving, and re-check on every redirect. Matching on the hostname string alone misses decimal or hex IP spellings and attacker-controlled names that resolve to internal hosts.
  • Deploy network-level controls (egress filtering) so the Rembg host can reach only the destinations it legitimately needs; this holds even if input validation is bypassed.

🔍 How to Verify

Check if Vulnerable:

Check whether the installed Rembg version is 2.0.57 or earlier and whether the HTTP server (started with rembg s) is running with the /api/remove endpoint reachable; that endpoint accepts a URL parameter in affected versions.

Check Version:

python -c "import rembg; print(rembg.__version__)"

Alternatively: pip show rembg

Verify Fix Applied:

In a test environment, submit a URL parameter that points at a listener you control on an internal address (or at the Rembg server's own loopback port) and confirm that the request is rejected and no connection arrives at the listener. Confirm that a normal file upload still works.

📡 Detection & Monitoring

Log Indicators:

  • URL parameter values on /api/remove that name loopback, RFC 1918, link-local (169.254.x.x) or IPv6-local addresses, literal IPs instead of hostnames, non-standard ports, or percent-encoded/decimal/hex address spellings
  • Bursts of /api/remove requests from one client cycling through many hosts or ports (port and host scanning through the server)

Network Indicators:

  • Outbound connections from the Rembg host to internal IP ranges or to the cloud metadata address
  • Outbound traffic from the Rembg host to destinations other than the image sources it legitimately uses

SIEM Query:

source="rembg" AND url=*
| regex url="(?i)://(localhost|\[?::1\]?|0\.0\.0\.0|10\.|127\.|169\.254\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)"

Splunk-style syntax; adapt to your SIEM. The regex covers the whole 172.16.0.0/12 range (a plain 172.16.* wildcard misses 172.17 through 172.31), link-local 169.254.x.x, and IPv6 loopback. It still matches only plain-text targets: percent-encoded, decimal or hex IP spellings and attacker-controlled hostnames that resolve to internal addresses evade it, so correlate with outbound connection logs from the Rembg host.
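The validation described under "If You Can't Patch" and the detection logic above share one decision: is the target of a server-side fetch an internal address? The following is an added example, not rembg's code and not the advisory's proof of concept, that implements that decision as a resolve-then-check guard and then runs it over constructed access-log lines. The url parameter name, the log format, and every hostname and address in it are assumptions or constructed sample data.

```python
# Added example (not rembg's code, not the advisory's PoC): a resolve-then-check
# SSRF guard for a fetch-by-URL endpoint such as /api/remove, reused as a detector
# over access-log lines. The "url" parameter name, the log format and every
# hostname/address below are assumptions or constructed sample data.
import ipaddress
import re
import socket
from urllib.parse import parse_qs, urlsplit

# Ranges a server-side fetch must never reach: loopback, RFC 1918, CGNAT, link-local
# (which includes the 169.254.169.254 cloud metadata address), multicast, "this
# network", plus IPv6 equivalents. 172.16.0.0/12 spans 172.16.x.x to 172.31.x.x.
_BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
    "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
)]

def is_internal_ip(ip_text):
    """True if a literal address is in a blocked range; IPv4-mapped IPv6 is unwrapped first."""
    ip = ipaddress.ip_address(ip_text.split("%")[0])  # drop any IPv6 scope id
    mapped = getattr(ip, "ipv4_mapped", None)          # ::ffff:127.0.0.1 -> 127.0.0.1
    if mapped is not None:
        ip = mapped
    return any(ip in net for net in _BLOCKED_NETWORKS)

def resolve_host(host):
    """Every address the host resolves to right now (a literal IP resolves to itself)."""
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def check_fetch_url(url, resolve=resolve_host):
    """Return (allowed, reason). Checks every resolved address rather than the hostname
    text, so decimal/hex IP spellings and names pointing at internal hosts are caught.
    The caller must then connect to one of the checked addresses (not re-resolve) and
    re-run this check on every redirect, or DNS rebinding / a 302 bypasses the guard."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    if not parts.hostname:
        return False, "missing host"
    addrs = resolve(parts.hostname)
    if not addrs:
        return False, f"{parts.hostname!r} does not resolve"
    for addr in addrs:
        if is_internal_ip(addr):
            return False, f"{parts.hostname!r} resolves to internal address {addr}"
    return True, "ok"

# Constructed access-log lines (combined-log shape, not real rembg output).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Feb/2025:12:00:01 +0000] "GET /api/remove?url=https%3A%2F%2Fimages.example.com%2Fcat.png HTTP/1.1" 200 51233
203.0.113.7 - - [10/Feb/2025:12:00:02 +0000] "GET /api/remove?url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data%2F HTTP/1.1" 200 412
203.0.113.7 - - [10/Feb/2025:12:00:03 +0000] "GET /api/remove?url=http://172.20.0.5:8080/admin HTTP/1.1" 500 0
203.0.113.7 - - [10/Feb/2025:12:00:04 +0000] "GET /api/remove?url=http://[::1]:7000/ HTTP/1.1" 500 0
203.0.113.7 - - [10/Feb/2025:12:00:05 +0000] "GET /api/remove?url=http://2130706433/ HTTP/1.1" 500 0
203.0.113.7 - - [10/Feb/2025:12:00:06 +0000] "POST /api/remove HTTP/1.1" 200 48211
"""
_REQUEST_LINE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')

def suspicious_fetches(log_text, resolve=resolve_host):
    """[(url, reason)] for every /api/remove request whose url parameter fails the guard."""
    hits = []
    for line in log_text.splitlines():
        m = _REQUEST_LINE.search(line)
        if not m:
            continue
        req = urlsplit(m.group("target"))
        if req.path != "/api/remove":
            continue
        for target in parse_qs(req.query).get("url", []):  # parse_qs undoes %-encoding
            allowed, reason = check_fetch_url(target, resolve)
            if not allowed:
                hits.append((target, reason))
    return hits

def _fake_resolve(host):
    """Offline stand-in for resolve_host: literal IPs pass through, names come from a
    constructed table; "2130706433" mimics glibc inet_aton accepting decimal 127.0.0.1."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        return {"images.example.com": ["198.51.100.10"], "localhost": ["127.0.0.1", "::1"],
                "rebind.attacker.example": ["127.0.0.1"], "2130706433": ["127.0.0.1"]}.get(host, [])

if __name__ == "__main__":
    for target, reason in suspicious_fetches(SAMPLE_LOG, _fake_resolve):
        print("SSRF attempt:", target, "|", reason)
```

Run stand-alone it reports the four constructed log lines whose target is internal (the metadata address, a 172.20.x.x host that a 172.16.* wildcard would miss, IPv6 loopback, and the decimal spelling of 127.0.0.1) and leaves the legitimate fetch and the plain file upload alone. In production, pass the real resolve_host, and make the fetch that follows a passing check connect to the verified address and re-check each redirect; a string match on the hostname is not a substitute for the resolved-address check.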
