CVE-2025-25301
Published: 03 March 2025
Summary
CVE-2025-25301 is a medium-severity SSRF (CWE-918) vulnerability in Danielgatis Rembg. Its CVSS base score is 6.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 13.4th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SC-7 (Boundary Protection).
Deeper analysis
CVE-2025-25301 is an information disclosure vulnerability in Rembg, a tool for removing image backgrounds, affecting versions 2.0.57 and earlier. The issue stems from the /api/remove endpoint, which accepts a URL query parameter to fetch, process, and return an image. An attacker can supply an internal network URL via this parameter, causing the rembg server to retrieve and expose images hosted on its internal network. This flaw is classified as CWE-918 (Server-Side Request Forgery) with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact.
Any unauthenticated remote attacker with network access to the rembg server can exploit this vulnerability. By crafting a request to the /api/remove endpoint with a URL pointing to an internal resource, such as a private image server, the attacker tricks the server into fetching the image, processing it for background removal, and returning the result. This enables unauthorized viewing of sensitive internal images without requiring privileges or user interaction.
The GitHub Security Lab advisory (GHSL-2024-161 and GHSL-2024-162) provides further details on this vulnerability at https://securitylab.github.com/advisories/GHSL-2024-161_GHSL-2024-162_rembg/. Security practitioners should consult this reference for recommended mitigations and patches.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-6006
Vulnerability details
Rembg is a tool to remove image backgrounds. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SSRF vulnerability in public-facing /api/remove endpoint enables remote unauthenticated exploitation of the application to access internal resources.
Mitigating Controls (NIST 800-53 r5)
- Validates the URL query parameter accepted by the /api/remove endpoint to block SSRF attempts targeting internal network resources.
- Monitors and controls communications at key internal interfaces to prevent the rembg server from fetching unauthorized internal images.
- Enforces flow control policies that prohibit the rembg server from initiating connections to internal network hosts via untrusted inputs.
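The following is an added example, not code from the Rembg project or the advisory, of the URL validation the first control describes: before a server-side fetch, the scheme is restricted, embedded credentials are rejected, and every address the host maps to must be publicly routable. The function names and the injectable `resolver` parameter are assumptions of this example; the test DNS answers are constructed.

```python
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}

def resolve_all(host):
    """Every address a name maps to (A and AAAA); getaddrinfo also
    normalises odd IPv4 spellings such as decimal or octal forms."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def is_public_address(addr):
    """is_global is False for loopback, RFC 1918, link-local (including
    169.254.169.254), IPv4-mapped IPv6 and other reserved ranges."""
    ip = ipaddress.ip_address(addr)
    return ip.is_global and not ip.is_multicast

def validate_fetch_url(url, resolver=resolve_all):
    """Return the parsed URL if acceptable for a server-side fetch, else
    raise ValueError. resolver is injectable so tests can run offline."""
    parsed = urlparse(url)
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parsed.scheme!r}")
    if parsed.username is not None or parsed.password is not None:
        raise ValueError("credentials in the URL are not allowed")
    host = parsed.hostname
    if not host:
        raise ValueError("URL has no host")
    try:
        addrs = [str(ipaddress.ip_address(host))]  # IP literal
    except ValueError:
        addrs = resolver(host)                      # DNS name
    if not addrs:
        raise ValueError(f"{host!r} did not resolve")
    for addr in addrs:  # every answer must be public, not just the first
        if not is_public_address(addr):
            raise ValueError(f"{host!r} maps to non-public address {addr}")
    # Caveat: re-resolving at fetch time allows DNS rebinding, and a 3xx
    # redirect can point back inside; connect to a vetted address and
    # re-run this check on every redirect target.
    return parsed

def is_safe_fetch_url(url, resolver=resolve_all):
    """Boolean form of validate_fetch_url for a quick allow/deny answer."""
    try:
        validate_fetch_url(url, resolver)
    except ValueError:
        return False
    return True
```

The check complements, rather than replaces, the boundary-protection and flow-control controls listed above: egress filtering still catches a bypass of the application-level validation.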