Executive Summary

CVE-2025-10096 is a Server-Side Request Forgery (SSRF) vulnerability in SimStudioAI sim up to version 1.0.0. It exists in the file parsing API endpoint `/api/files/parse`, specifically in the handling of the `filePath` parameter. The vulnerability arises because the server does not properly validate or restrict the URLs provided by users, allowing attackers to manipulate the `filePath` argument to make the server send unauthorized HTTP requests to arbitrary or internal network addresses. This can be exploited remotely and easily, potentially exposing internal services or sensitive data. [1, 2, 4]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by allowing attackers to make the vulnerable server perform unauthorized requests to internal or protected network resources. This can lead to exposure of sensitive internal data, unauthorized access to internal services, and potentially further compromise of the affected system's confidentiality, integrity, and availability. Since the exploit is publicly available and easy to execute, the risk of attack is significant if the vulnerability is not patched. [1, 2, 4]

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by monitoring and analyzing requests to the API endpoint `/api/files/parse` that include the `filePath` parameter with suspicious or unexpected URLs, especially those targeting internal IP addresses or unusual destinations. You can look for POST requests with JSON bodies containing `filePath` values pointing to internal IP ranges (e.g., 192.168.x.x, 10.x.x.x) or uncommon protocols. Network monitoring tools or web server logs can be used to identify such requests. Additionally, security logging introduced in the patch (see Resource 3) can help detect SSRF attempts. Example commands to detect suspicious requests in logs might include: - Using grep on server logs: `grep -E 'POST /api/files/parse' /path/to/access.log | grep -E 'filePath.*http://'` - Using curl to test the endpoint (for detection or testing): `curl -X POST https://yourserver/api/files/parse -H 'Content-Type: application/json' -d '{"filePath":"http://internal-ip-or-malicious-url"}'` - Using network monitoring tools (e.g., tcpdump) to capture outgoing HTTP requests from the server to internal IPs: `tcpdump -i eth0 host 192.168.0.0/16` These methods help identify if the server is making unauthorized requests triggered by manipulated `filePath` inputs. [1, 4, 3]

Useful 0 Not Useful 0

Mitigation Strategies

The immediate recommended step to mitigate this vulnerability is to apply the official patch identified by commit `3424a338b763115f0269b209e777608e4cd31785` which introduces strict URL validation and filtering to prevent SSRF attacks. This patch includes blocking access to private IP ranges, loopback addresses, link-local addresses, cloud metadata endpoints, and dangerous protocols, as well as recursive validation to prevent encoding bypass. If applying the patch is not immediately possible, consider implementing temporary network-level controls such as firewall rules to block outgoing HTTP requests from the server to internal IP ranges and restrict access to the vulnerable API endpoint. Monitoring and logging suspicious requests should also be enabled to detect exploitation attempts. Ultimately, updating to the fixed version of SimStudioAI sim or applying the patch from Pull Request #1149 is the safest and most effective mitigation. [2, 3]

Useful 0 Not Useful 0