CVE-2025-66031
📋 TL;DR
An uncontrolled recursion vulnerability in node-forge versions 1.3.1 and below allows remote attackers to craft malicious ASN.1 structures that trigger unbounded recursive parsing, leading to denial-of-service via stack exhaustion. This affects any application using vulnerable node-forge versions to parse untrusted DER-encoded inputs. The vulnerability is remotely exploitable without authentication.
💻 Affected Systems
- node-forge (forge)
📦 What is this software?
Forge by Digitalbazaar
⚠️ Risk & Real-World Impact
Worst Case
Complete service unavailability due to stack exhaustion crashes, potentially affecting all instances using vulnerable node-forge versions.
Likely Case
Service disruption or crashes when processing malicious DER inputs, leading to partial or complete DoS.
If Mitigated
No impact if the patched version is used or untrusted DER inputs are not processed.
🎯 Exploit Status
A proof of concept is not publicly available, but the vulnerability details are disclosed in the advisory.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.3.2
Vendor Advisory: https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27
Restart Required: Yes
Instructions:
1. Update package.json to require node-forge version 1.3.2 or higher.
2. Run 'npm update forge' or 'yarn upgrade forge'.
3. Restart all affected applications and services.
🔧 Temporary Workarounds
Input validation and sanitization
Implement strict validation and size limits on DER inputs before passing them to the node-forge parser.
Rate limiting and monitoring
Implement rate limiting on DER parsing endpoints and monitor for abnormal recursion patterns.
🧯 If You Can't Patch
- Implement strict input validation to reject or truncate excessively deep ASN.1 structures
- Deploy WAF rules to block malicious DER payloads and monitor for exploitation attempts
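The workaround of rejecting excessively deep ASN.1 structures can be implemented as a gate in front of the parser. The following is an added example, not node-forge's own code: it walks the DER tag-length-value structure iteratively with an explicit stack, so it cannot itself recurse, and rejects input that is too large, truncated, overruns its parent element, or nests deeper than a limit. The byte and depth limits, the constructed test fixture, and the placement ahead of forge.asn1.fromDer() are assumptions to tune for your inputs.

```javascript
// Added example (not node-forge's own code): a bounded pre-validator for DER input.
// It walks the TLV structure iteratively (explicit stack, no recursion) and rejects
// input that is too large, malformed, or nested deeper than MAX_DER_DEPTH before the
// bytes are handed to forge.asn1.fromDer(). The limits below are assumptions to tune.
const MAX_DER_BYTES = 64 * 1024; // assumption: generous for certificates, CSRs, keys
const MAX_DER_DEPTH = 32;        // assumption: real X.509 objects nest far shallower

// Parse the identifier octets at pos; returns whether the element is constructed
// and the offset of its length octets.
function readTag(buf, pos) {
  if (pos >= buf.length) throw new Error('truncated tag');
  const constructed = (buf[pos] & 0x20) !== 0;
  let next = pos + 1;
  if ((buf[pos] & 0x1f) === 0x1f) {
    // high-tag-number form: subsequent octets continue while bit 8 is set
    let b;
    do {
      if (next >= buf.length) throw new Error('truncated tag');
      b = buf[next++];
    } while (b & 0x80);
  }
  return { constructed, next };
}

// Parse definite-form length octets at pos; the indefinite form (0x80) is not DER.
function readLength(buf, pos) {
  if (pos >= buf.length) throw new Error('truncated length');
  const first = buf[pos];
  if (first < 0x80) return { length: first, next: pos + 1 };
  const count = first & 0x7f;
  if (count === 0 || count > 4) throw new Error('indefinite or oversized length');
  if (pos + 1 + count > buf.length) throw new Error('truncated length');
  let length = 0;
  for (let i = 1; i <= count; i++) length = length * 256 + buf[pos + i];
  return { length, next: pos + 1 + count };
}

// Return the maximum nesting depth of a DER blob, throwing if it exceeds maxDepth
// or if any element is truncated or overruns its parent. Iterative on purpose.
function derMaxDepth(buf, maxDepth = MAX_DER_DEPTH) {
  const ends = []; // end offsets of the constructed elements currently open
  let pos = 0;
  let maxSeen = 0;
  while (pos < buf.length) {
    while (ends.length && ends[ends.length - 1] === pos) ends.pop(); // close finished parents
    const { constructed, next: lenPos } = readTag(buf, pos);
    const { length, next: contentStart } = readLength(buf, lenPos);
    const end = contentStart + length;
    if (end > buf.length) throw new Error('element length exceeds input');
    if (ends.length && end > ends[ends.length - 1]) throw new Error('element overruns its parent');
    const depth = ends.length + 1;
    if (depth > maxDepth) throw new Error(`nesting depth ${depth} exceeds limit ${maxDepth}`);
    maxSeen = Math.max(maxSeen, depth);
    if (constructed) {
      ends.push(end);
      pos = contentStart; // descend into the children
    } else {
      pos = end; // skip primitive content without inspecting it
    }
  }
  return maxSeen;
}

// Gate to call before forge.asn1.fromDer(); returns a verdict instead of throwing.
function validateDerInput(buf, { maxBytes = MAX_DER_BYTES, maxDepth = MAX_DER_DEPTH } = {}) {
  if (buf.length > maxBytes) return { ok: false, reason: `${buf.length} bytes exceeds limit of ${maxBytes}` };
  try {
    return { ok: true, depth: derMaxDepth(buf, maxDepth) };
  } catch (err) {
    return { ok: false, reason: err.message };
  }
}

// Constructed test fixture (not from the advisory): a NULL wrapped in `levels` SEQUENCEs,
// the shape of input that drives a recursive parser deep.
function encodeLength(n) {
  if (n < 0x80) return Buffer.from([n]);
  const bytes = [];
  for (let v = n; v > 0; v = Math.floor(v / 256)) bytes.unshift(v & 0xff);
  return Buffer.from([0x80 | bytes.length, ...bytes]);
}
function buildNested(levels) {
  let buf = Buffer.from([0x05, 0x00]); // NULL
  for (let i = 0; i < levels; i++) buf = Buffer.concat([Buffer.from([0x30]), encodeLength(buf.length), buf]);
  return buf;
}

// Usage: only hand the bytes to the library once validateDerInput(buf).ok is true.
console.log(validateDerInput(buildNested(5)));   // accepted, depth 6
console.log(validateDerInput(buildNested(500))); // rejected: depth exceeds limit
```

The depth check only reads headers, so it costs one pass over the input and never allocates per element; a legitimate certificate chain passes with a depth in the low teens, while the nested-SEQUENCE fixture is cut off at the limit rather than being passed on to a parser that would recurse on it.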
🔍 How to Verify
Check if Vulnerable:
Check package.json or node_modules/forge/package.json for version <=1.3.1
Check Version:
npm list forge | grep forge
Verify Fix Applied:
Verify that the installed version is 1.3.2 or higher using 'npm list forge' or by checking package.json.
📡 Detection & Monitoring
Log Indicators:
- Application crashes with stack overflow errors
- Unusually high memory/CPU usage during DER parsing
- Repeated failed parsing attempts
Network Indicators:
- Unusually large or complex DER payloads sent to parsing endpoints
- High volume of DER parsing requests from single sources
SIEM Query:
source="application.logs" AND ("stack overflow" OR "maximum call stack" OR "RangeError") AND process="node"
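The SIEM query above keys on the same strings as the log indicators; the following is an added example, not part of the advisory, showing that detection logic run over constructed JSON-lines application log entries. It flags stack-exhaustion errors raised by node processes and tallies them per source, so that repeated failures from one client (the "repeated failed parsing attempts" and "high volume from single sources" indicators) stand out. The field names process, src and msg, the threshold, and the sample lines are assumptions about the log schema.

```javascript
// Added example (not from the advisory): detection logic for the log indicators,
// run over constructed JSON-lines log entries. Field names (process, src, msg) and
// the threshold are assumptions about the log schema.
const STACK_EXHAUSTION_PATTERNS = [/stack overflow/i, /maximum call stack/i, /RangeError/];

// A single entry matches when it comes from a node process and carries one of the strings
// the SIEM query looks for.
function isStackExhaustionEvent(entry) {
  return entry.process === 'node' && typeof entry.msg === 'string'
    && STACK_EXHAUSTION_PATTERNS.some((re) => re.test(entry.msg));
}

// Returns the matching events, a per-source tally, and the sources at or above `threshold`.
function scanLogs(lines, { threshold = 3 } = {}) {
  const matches = [];
  const perSource = {};
  for (const line of lines) {
    let entry;
    try { entry = JSON.parse(line); } catch { continue; } // skip non-JSON noise
    if (!isStackExhaustionEvent(entry)) continue;
    matches.push(entry);
    const src = entry.src || 'unknown';
    perSource[src] = (perSource[src] || 0) + 1;
  }
  const repeatOffenders = Object.keys(perSource).filter((s) => perSource[s] >= threshold);
  return { matches, perSource, repeatOffenders };
}

// Constructed sample log lines (not real data); the addresses are documentation ranges.
const SAMPLE_LOGS = [
  '{"ts":"2025-01-10T09:00:01Z","process":"node","src":"203.0.113.5","msg":"RangeError: Maximum call stack size exceeded"}',
  '{"ts":"2025-01-10T09:00:02Z","process":"node","src":"203.0.113.5","msg":"DER parse failed: stack overflow in asn1.fromDer"}',
  '{"ts":"2025-01-10T09:00:03Z","process":"node","src":"203.0.113.5","msg":"RangeError: Maximum call stack size exceeded"}',
  '{"ts":"2025-01-10T09:00:04Z","process":"node","src":"198.51.100.7","msg":"RangeError: Maximum call stack size exceeded"}',
  '{"ts":"2025-01-10T09:00:05Z","process":"nginx","src":"198.51.100.7","msg":"upstream prematurely closed connection"}',
  '{"ts":"2025-01-10T09:00:06Z","process":"node","src":"198.51.100.7","msg":"certificate parsed: CN=example.test"}',
  'not a json line at all',
];

console.log(scanLogs(SAMPLE_LOGS)); // 4 matches; 203.0.113.5 exceeds the threshold
```

A single RangeError can be an ordinary application bug, which is why the per-source count matters: one client producing a burst of stack-exhaustion crashes against a DER-parsing endpoint is the pattern worth alerting on, and the same tally gives the rate-limiting workaround its key.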