CVE-2025-54560

3.8 LOW

📋 TL;DR

A Server-Side Request Forgery (SSRF) vulnerability in Desktop Alert PingAlert versions 6.1.0.11 to 6.1.1.2 allows attackers to make the application server send unauthorized requests to internal systems. This enables probing of internal infrastructure that should not be externally accessible. Organizations running vulnerable versions of Desktop Alert PingAlert are affected.

💻 Affected Systems

Products:
  • Desktop Alert PingAlert
Versions: 6.1.0.11 to 6.1.1.2
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the Application Server component of Desktop Alert PingAlert.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could map internal network infrastructure, access internal services, or potentially chain with other vulnerabilities to gain further access.

🟠

Likely Case

Internal network reconnaissance leading to discovery of additional attack surfaces and potential data exposure.

🟢

If Mitigated

Limited to unsuccessful probing attempts if proper network segmentation and access controls are in place.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

SSRF vulnerabilities typically require some level of access to trigger, but exploitation complexity is generally low once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.1.1.3 or later

Vendor Advisory: https://desktopalert.net/cve-2025-54560/

Restart Required: Yes

Instructions:

  1. Download the latest version (6.1.1.3 or later) from the vendor website.
  2. Back up the current configuration.
  3. Install the update following the vendor instructions.
  4. Restart the Application Server service.

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Restrict outbound connections from the Application Server to an explicit allowlist of the destinations it needs (database, directory, mail relay, the endpoints it alerts) and block everything else, including link-local 169.254.0.0/16 (cloud instance metadata sits at 169.254.169.254) and general internet egress. Host firewall outbound rules on the server itself cover the LAN and link-local cases without touching the vulnerable code path; note that Windows Firewall does not filter loopback traffic, so services bound to localhost on the same host remain reachable until the patch is applied.

Input Validation (applies to: all)

Vulnerable versions do not adequately validate user-supplied URLs and network-related parameters, so enforce that in front of the application: a reverse proxy or WAF can reject request parameters whose URL has a non-http(s) scheme, embedded credentials, or a host that is a literal IP, loopback, or link-local address. Treat this as a stop-gap. A check on the hostname alone is defeated by an attacker-controlled name that resolves to an internal address; only a resolution-time check or egress filtering catches that.
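Added example, not PingAlert code and not the vendor's fix: the check a reverse proxy, or a fetcher inside the application, should run on a user-supplied URL before anything connects. The advisory does not name the vulnerable parameter, so the URLs, hostnames and DNS table below are constructed, and `check_url`, `is_internal` and `fake_resolver` are names chosen here.

```python
"""SSRF guard for a server-side URL fetch.

Added example, not Desktop Alert / PingAlert code. Assumptions: the fetcher
can be told which IP to connect to (pinning), and DNS lookup is pluggable so
the example runs offline against a constructed table.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def is_internal(ip_text):
    """True for addresses an SSRF probe targets: loopback, RFC 1918,
    link-local (169.254.0.0/16 includes cloud metadata at 169.254.169.254),
    unspecified, multicast, reserved, and IPv4-mapped IPv6 forms of those."""
    ip = ipaddress.ip_address(ip_text)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped          # ::ffff:127.0.0.1 is still loopback
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_unspecified or ip.is_multicast or ip.is_reserved)


def resolve_all(host):
    """Production resolver: every A/AAAA answer. A name that resolves to one
    public and one internal address must be rejected, not sampled."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def fake_resolver(host):
    """Constructed DNS table so the example runs offline (not real hosts)."""
    table = {
        "example.test": {"93.184.216.34"},
        "split.test": {"93.184.216.34", "10.0.0.5"},   # public + internal answer
        "meta.test": {"169.254.169.254"},
    }
    if host not in table:
        raise OSError(f"NXDOMAIN {host}")
    return table[host]


def check_url(url, resolver=resolve_all):
    """Return (ok, reason, pinned_ip).

    Callers must connect to pinned_ip (sending the original Host header) and
    must not auto-follow redirects; re-run check_url() on every Location.
    Resolving the name again at connect time reopens the DNS-rebinding window
    this function is meant to close."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed", None
    if parts.username is not None or parts.password is not None:
        return False, "credentials in URL", None
    host = parts.hostname
    if not host:
        return False, "missing host", None
    try:
        # Literal IP (including [IPv6]) needs no lookup but must pass the range check
        addrs = {str(ipaddress.ip_address(host))}
    except ValueError:
        # Not a strict dotted quad: real names, but also "127.1" or "2130706433",
        # which getaddrinfo turns into 127.0.0.1 and the range check then rejects.
        try:
            addrs = set(resolver(host))
        except OSError as exc:
            return False, f"DNS failure: {exc}", None
    if not addrs:
        return False, "host does not resolve", None
    for addr in sorted(addrs):
        if is_internal(addr):
            return False, f"resolves to internal address {addr}", None
    return True, "ok", sorted(addrs)[0]


if __name__ == "__main__":
    for u in ("https://example.test/ping", "http://127.0.0.1:8080/admin",
              "http://[::ffff:127.0.0.1]/", "http://meta.test/latest/meta-data/",
              "http://split.test/", "file:///etc/hosts", "http://u:p@example.test/"):
        print(u, "->", check_url(u, fake_resolver))
```

The two design points that matter: every resolved address is checked, not just the first, and the caller connects to the returned pinned IP rather than resolving the name a second time. Redirects are the other common bypass; the fetch layer has to stop following them automatically and pass each Location back through `check_url`.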

🧯 If You Can't Patch

  • Implement strict network egress filtering so the Application Server can reach only the internal destinations it needs; this is the control that actually limits what an SSRF can touch.
  • Deploy a web application firewall (WAF) with SSRF protection rules enabled in front of the Application Server. Such rules inspect inbound parameters for internal addresses, loopback and link-local names, so they reduce noise but are bypassable (attacker-controlled DNS names, redirects, alternative IP encodings); use them alongside egress filtering, not instead of it.

🔍 How to Verify

Check if Vulnerable:

Check the version number in the Desktop Alert PingAlert administration interface or configuration files.

Check Version:

Check the application's About dialog or configuration files for version information.

Verify Fix Applied:

Confirm the version is 6.1.1.3 or higher. Then exercise the URL-accepting functionality with a destination that should never be fetched (for example http://127.0.0.1/ or http://169.254.169.254/), confirm the server rejects it, and confirm no matching outbound connection appears in the host firewall or proxy log.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP/HTTPS requests from the Application Server to internal IP ranges
  • Failed connection attempts to internal services

Network Indicators:

  • Unexpected traffic patterns from the Application Server to internal infrastructure
  • Requests to internal IP addresses from the application server

SIEM Query:

source="desktop-alert-server" AND (dest_ip=10.0.0.0/8 OR dest_ip=172.16.0.0/12 OR dest_ip=192.168.0.0/16 OR dest_ip=127.0.0.0/8 OR dest_ip=169.254.0.0/16) NOT dest_ip IN (baseline_destinations)

The first clause alone (Splunk-style search; `field=CIDR` matches the range) also matches every legitimate connection the Application Server makes to its database, directory and mail servers. Replace `baseline_destinations` with the destination list captured from a known-good period and alert on what remains; several distinct internal destinations or ports within a minute is the scan pattern to look for, rather than an isolated hit.
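Added example, not a Desktop Alert artifact: the triage the SIEM query above implies, run over a handful of constructed egress log lines. The one-line-per-connection format, the `desktop-alert-server` source tag, and the expected-destination allowlist are assumptions made for this example.

```python
"""Egress-log triage for SSRF probing from the Application Server.

Added example, not a Desktop Alert artifact. Log format (timestamp, source
tag, src_ip, dest_ip, dest_port, firewall action) and the EXPECTED allowlist
are assumptions; the log lines are constructed, not captured from a host.
"""
import ipaddress
from datetime import datetime

INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Destinations the Application Server legitimately reaches (assumed here:
# SQL Server, LDAP/LDAPS to a domain controller). Build yours from a baseline
# captured before hunting, or every database query becomes an alert.
EXPECTED = {("10.10.1.20", 1433), ("10.10.1.5", 389), ("10.10.1.5", 636)}

# Constructed sample: two baseline connections, then a sweep of web ports
# across neighbours, the metadata address, and a localhost service.
SAMPLE_LOG = """\
2025-08-12T14:02:11Z desktop-alert-server 10.10.2.15 10.10.1.20 1433 ALLOW
2025-08-12T14:02:13Z desktop-alert-server 10.10.2.15 10.10.1.5 636 ALLOW
2025-08-12T14:05:40Z desktop-alert-server 10.10.2.15 10.10.1.7 80 ALLOW
2025-08-12T14:05:41Z desktop-alert-server 10.10.2.15 10.10.1.8 80 DENY
2025-08-12T14:05:41Z desktop-alert-server 10.10.2.15 10.10.1.9 80 DENY
2025-08-12T14:05:42Z desktop-alert-server 10.10.2.15 10.10.1.10 80 DENY
2025-08-12T14:05:43Z desktop-alert-server 10.10.2.15 169.254.169.254 80 DENY
2025-08-12T14:05:44Z desktop-alert-server 10.10.2.15 127.0.0.1 8080 ALLOW
2025-08-12T14:06:02Z desktop-alert-server 10.10.2.15 93.184.216.34 443 ALLOW
"""


def parse_line(line):
    ts, source, src, dst, port, action = line.split()
    return {"ts": datetime.fromisoformat(ts.replace("Z", "+00:00")),
            "source": source, "src": src, "dst": dst,
            "port": int(port), "action": action}


def is_internal(ip):
    """Same ranges as the SIEM query: RFC 1918, loopback, link-local."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def triage(log_text, source="desktop-alert-server", window_s=60, min_hosts=3):
    """Return (unexpected, scan_hosts).

    unexpected: connections from `source` to an internal destination that is
    not on the EXPECTED allowlist (the query above minus baseline noise).
    scan_hosts: the largest set of distinct destinations hit within window_s
    of one another, reported once at least min_hosts are seen; this is the
    sweep pattern an SSRF probe produces. Empty if no such burst."""
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    unexpected = [e for e in events
                  if e["source"] == source and is_internal(e["dst"])
                  and (e["dst"], e["port"]) not in EXPECTED]
    scan_hosts = []
    for i, first in enumerate(unexpected):
        hosts = {e["dst"] for e in unexpected[i:]
                 if (e["ts"] - first["ts"]).total_seconds() <= window_s}
        if len(hosts) >= min_hosts and len(hosts) > len(scan_hosts):
            scan_hosts = sorted(hosts)
    return unexpected, scan_hosts


if __name__ == "__main__":
    unexpected, scan_hosts = triage(SAMPLE_LOG)
    for e in unexpected:
        print(e["ts"].isoformat(), e["dst"], e["port"], e["action"])
    print("burst of internal destinations:", scan_hosts)
```

In the sample, the DENY lines show egress filtering holding, but they are still evidence that something on the Application Server is trying to reach hosts it never contacts; the ALLOW to 127.0.0.1:8080 is the one that reached a service, and the loopback case is exactly what a host firewall on Windows will not stop.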
