Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2022-35583 — Server-Side Request Forgery in Wkhtmltopdf

CWE-918 — Server-Side Request Forgery10 documents7 sources

Severity

9.8CRITICALNVD

NVD3.7

EPSS

58.6%

top 1.78%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Wkhtmltopdf Debian Pandoc Debian Wkhtmltopdf

Timeline

PublishedAug 22

Latest updateJul 11

Description

wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the attacker to takeover the whole infrastructure by accessing their internal assets.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/wkhtmltopdf

▶NVDwkhtmltopdf/wkhtmltopdf0.12.6

▶debiandebian/pandoc

🔴Vulnerability Details

OSV

CVE-2025-51591: A Server-Side Request Forgery (SSRF) in JGM Pandoc v3↗2025-07-11

▶

VulnCheck

Server-Side Request Forgery (SSRF)↗2025

▶

GHSA

GHSA-v2fj-q75c-65mr: wkhtmlTOpdf 0↗2022-08-23

▶

OSV

CVE-2022-35583: wkhtmlTOpdf 0↗2022-08-22

▶

💥Exploits & PoCs

Exploit-DB

wkhtmltopdf 0.12.6 - Server Side Request Forgery↗2023-03-23

▶

📋Vendor Advisories

Red Hat

pandoc: Server-Side Request Forgery in Pandoc↗2025-07-11

▶

Debian

CVE-2025-51591: pandoc - A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to ga...↗2025

▶

Debian

CVE-2022-35583: wkhtmltopdf - wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial...↗2022

▶