A critical server-side request forgery (SSRF) vulnerability (CVE-2025-27090) has been discovered in the Sliver C2 framework's teamserver implementation. It lets an unauthenticated remote attacker make the teamserver open TCP connections to hosts of the attacker's choosing and relay traffic through them. The flaw affects versions 1.5.26 through 1.5.42 and pre-release builds prior to commit 0f340a2, and it puts red team infrastructure at risk: the teamserver's real IP can be leaked, internal hosts reachable from the teamserver can be probed or used for lateral movement, and tunneled traffic can be intercepted.
The vulnerability lies in how the protocol handlers process the implant registration and tunnel creation sequence. Sliver deployments typically place the teamserver behind redirectors, but redirectors only hide the teamserver's address; they forward implant traffic to it unchanged, so a specially crafted implant callback reaches the vulnerable handlers through them.
Technical Mechanism of the SSRF Exploit
The exploit targets two key handler functions in Sliver's Go codebase. First, registerSessionHandler deserializes the implant's Protobuf registration message and creates a session object for the new implant, with nothing that distinguishes a genuine implant from an attacker impersonating one:
// server/handlers/sessions.go
session := core.NewSession(implantConn) // session built from the (attacker-controlled) registration message
core.Sessions.Add(session)              // teamserver now tracks it like any real implant
Second, tunnelDataHandler. The attacker sends a crafted TunnelData message with CreateReverse set to true; because no reverse tunnel exists yet for that tunnel ID, the handler takes the creation branch:
// server/handlers/session.go
if rtunnel == nil && tunnelData.CreateReverse == true {
	createReverseTunnelHandler(implantConn, data) // attacker-chosen destination flows in here (SSRF)
}
createReverseTunnelHandler builds the destination from the Host and Port fields of the message and has the teamserver dial it with defaultDialer.DialContext. Nothing constrains those fields, so the sender of the message decides where the teamserver connects:
remoteAddress := fmt.Sprintf("%s:%d", req.Rportfwd.Host, req.Rportfwd.Port) // host and port taken straight from the message
dst, err := defaultDialer.DialContext(ctx, "tcp", remoteAddress)             // outbound TCP connection from the teamserver
The dialed socket is wired into Sliver's tunnel management system, giving the attacker a bidirectional channel between the implant connection and the chosen destination. The attack is two messages: register a fake session, then request a reverse tunnel, as in the Python proof-of-concept (PoC) fragment below (the envelope-building helpers and the TLS socket setup are not shown):
registration_envelope = generate_registration_envelope()                     # fake implant registration message
ssock.write(registration_envelope_len + registration_envelope)               # length-prefixed envelope over the implant channel
reverse_tunnel_envelope = generate_create_reverse_tunnel_envelope(target_ip, port, data)  # TunnelData with CreateReverse=true
ssock.write(reverse_tunnel_envelope_len + reverse_tunnel_envelope)           # teamserver dials target_ip:port and relays data
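The following Go program is an added example, not code from Sliver or from the PoC. It models the handler flow described above (a registration followed by a TunnelData message with CreateReverse set) and places the unchecked dial beside a hardened version. The message types, the session table, the rportfwdRegistry and the "operator must have configured this forward" rule are this example's assumptions about how such a handler should be constrained; they are not Sliver's own patch. The dialer is injected so the example runs offline and records what the teamserver would have connected to.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"strconv"
)

// Stand-ins for the protobuf TunnelData message (assumption: field names only
// loosely follow the article; this is not Sliver's generated code).
type Rportfwd struct {
	Host string
	Port uint32
}

type TunnelData struct {
	SessionID     string
	CreateReverse bool
	Rportfwd      Rportfwd
}

// Dialer abstracts defaultDialer.DialContext so the example never touches the network.
type Dialer func(network, address string) (net.Conn, error)

func destKey(host string, port uint32) string {
	return net.JoinHostPort(host, strconv.Itoa(int(port)))
}

// vulnerableCreateReverseTunnel mirrors the unpatched flow: nobody checks which
// session sent the message or whether an operator ever asked for this forward,
// so any sender gets a TCP connection from the teamserver to any address it names
// (loopback, cloud metadata, the operator LAN, ...).
func vulnerableCreateReverseTunnel(td TunnelData, dial Dialer) (string, error) {
	if !td.CreateReverse {
		return "", errors.New("not a CreateReverse request")
	}
	remoteAddress := fmt.Sprintf("%s:%d", td.Rportfwd.Host, td.Rportfwd.Port)
	conn, err := dial("tcp", remoteAddress)
	if err != nil {
		return "", err
	}
	conn.Close()
	return remoteAddress, nil
}

// rportfwdRegistry records, per session, the reverse-forward destinations an
// operator explicitly configured. The implant is never the source of truth for
// where the teamserver should connect. (Assumed design, not Sliver's.)
type rportfwdRegistry map[string]map[string]bool

func (r rportfwdRegistry) allow(sessionID, host string, port uint32) {
	if r[sessionID] == nil {
		r[sessionID] = map[string]bool{}
	}
	r[sessionID][destKey(host, port)] = true
}

// hardenedCreateReverseTunnel adds the two checks the vulnerable path lacks: the
// message must belong to a session the server already tracks, and the destination
// must match a forward an operator configured for that session. Rejections happen
// before any dial, so a rogue sender cannot even cause a SYN to leave the server.
func hardenedCreateReverseTunnel(td TunnelData, sessions map[string]bool, reg rportfwdRegistry, dial Dialer) (string, error) {
	if !td.CreateReverse {
		return "", errors.New("not a CreateReverse request")
	}
	if !sessions[td.SessionID] {
		return "", fmt.Errorf("tunnel request from unknown session %q", td.SessionID)
	}
	remoteAddress := destKey(td.Rportfwd.Host, td.Rportfwd.Port)
	if !reg[td.SessionID][remoteAddress] {
		return "", fmt.Errorf("destination %s not configured by an operator for session %q", remoteAddress, td.SessionID)
	}
	conn, err := dial("tcp", remoteAddress)
	if err != nil {
		return "", err
	}
	conn.Close()
	return remoteAddress, nil
}

// loggingDialer records the address instead of connecting; an in-memory pipe
// stands in for the socket. This is also a sensible way to unit-test a real handler.
func loggingDialer(log *[]string) Dialer {
	return func(network, address string) (net.Conn, error) {
		*log = append(*log, network+" "+address)
		client, server := net.Pipe()
		server.Close()
		return client, nil
	}
}

func main() {
	var dialed []string
	dial := loggingDialer(&dialed)
	// Constructed input: a sender that never registered asks for a tunnel to the cloud metadata service.
	rogue := TunnelData{SessionID: "not-a-session", CreateReverse: true, Rportfwd: Rportfwd{Host: "169.254.169.254", Port: 80}}
	addr, err := vulnerableCreateReverseTunnel(rogue, dial)
	fmt.Println("vulnerable:", addr, err)

	sessions := map[string]bool{"sess-1": true}
	reg := rportfwdRegistry{}
	reg.allow("sess-1", "10.0.0.5", 8080) // operator-configured forward
	_, err = hardenedCreateReverseTunnel(rogue, sessions, reg, dial)
	fmt.Println("hardened, unknown session:", err)
	fmt.Println("dial log:", dialed)
}
```

The important property is visible in the dial log: the vulnerable path records a connection attempt for a sender that never registered, while the hardened path rejects both an unknown session and a known session asking for a destination no operator configured, and records nothing. An allow-list keyed on operator intent is a stronger control here than a deny-list of "internal" addresses, because the legitimate use of reverse port forwarding is exactly to reach hosts the operator picked.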
Mitigation and Patch
The vulnerability has been patched in commit 3f2a1b9, which introduced stricter session validation and tunnel creation checks. Administrators should upgrade to Sliver v1.5.43 or later immediately and confirm the build that is actually running on the teamserver, not just the package that was deployed. Because the attack arrives on the implant channel, redirectors and firewalls in front of the teamserver do not mitigate it; until the upgrade is in place, review the teamserver's session list and tunnel activity for sessions you did not create, and audit all staging listeners for unauthorized shellcode generation.
This SSRF vulnerability underscores the need for strict input validation in command-and-control (C2) frameworks, particularly those handling bidirectional network communications. As red team tools become increasingly targeted by attackers, the secure isolation of teamserver components remains critical to maintaining operational security.