Hackers have recently exploited a vulnerability in Pandoc, tracked as CVE-2025-51591, to target Amazon Web Services (AWS) environments via a Server-Side Request Forgery (SSRF) flaw, aiming to steal EC2 IAM credentials by abusing the AWS Instance Metadata Service (IMDS).

What Is CVE-2025-51591?

This vulnerability, with a CVSS score of 6.5, affects the Linux utility Pandoc and arises because Pandoc renders HTML <iframe> elements without restriction. Attackers can craft HTML documents with iframes pointing to internal resources, most critically the AWS IMDS endpoint at 169.254.169.254, and, if the request succeeds, exfiltrate sensitive instance metadata, including IAM credentials.

How Attackers Exploit This Flaw

  • Attackers inject HTML <iframe> elements with a src attribute pointing to the IMDS endpoint into documents processed by Pandoc.
  • SSRF allows the compromised application (here, Pandoc) to act as a proxy, requesting confidential data from the IMDS service on behalf of the attacker, without the attacker needing any direct system access such as RCE or path traversal.
  • IMDS provides not just configuration data but also temporary credentials if the EC2 instance uses IAM roles, a key target for attackers.

Prior Incidents and Broader Risks

  • This is part of a rise in SSRF attacks against cloud services; for example, a previous flaw (CVE-2021-21311) in the Adminer database management tool was similarly weaponized to steal AWS credentials.
  • IMDSv1, the older version of the metadata service, is particularly at risk because of its simple, unauthenticated request/response protocol, which makes it easy to reach through an SSRF in any exploitable application running on the instance.
  • Once SSRF is exploited, potentially bypassing IP whitelists and reaching internal-only assets, attackers can engage in credential theft, network mapping, and attempts to access other internal services.

Recent Campaign and Outcomes

  • Wiz researchers observed real-world exploitation attempts dating to August 2025, though the reported campaign was ultimately unsuccessful because the targeted instances enforced IMDSv2.
  • IMDSv2 adds a session-oriented model and requires special authentication tokens in headers for all requests, sharply reducing SSRF risk.
  • The article notes continued abuse attempts against other cloud platforms (such as Google Cloud via ClickHouse), highlighting the widespread threat of SSRF flaws in unmaintained or less scrutinized tools.

Remediation and Best Practices

  • Users can mitigate the risk by invoking Pandoc with the -f html+raw_html flag or the --sandbox option, which blocks or restricts the rendering of iframes from untrusted input.
  • The responsibility falls on users to sanitize inputs or use safe execution flags, as Pandoc maintainers consider iframe rendering intended behavior.
  • Organizations should:
      • Enforce IMDSv2 across all AWS EC2 instances.
      • Apply the principle of least privilege to instance roles.
      • Regularly audit and update third-party software in cloud environments.
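As an added example (not code from Pandoc, Wiz, or the original article), the following Python screens an HTML document for <iframe>/<frame> elements whose src points at link-local, private, loopback or otherwise non-public addresses before the file is handed to pandoc, and builds the hardened pandoc command line (-f html+raw_html plus --sandbox) for documents that pass. It assumes pandoc is on PATH, treats the IPv6 IMDS address fd00:ec2::254 as a blocked endpoint, and adds its own allow_hostnames switch; the sample documents are constructed.

```python
"""Pre-Pandoc screening of HTML frames that reach non-public addresses.

Added example; not Pandoc's code. Untrusted documents are rejected before
conversion when they embed frames whose src targets internal addresses, and
documents that pass are converted with the hardened flags from the article.
"""
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Address ranges that an untrusted document must never frame. The IPv4 IMDS
# endpoint 169.254.169.254 sits inside the link-local range; fd00:ec2::254 is
# the IPv6 IMDS endpoint (assumption for this example, per AWS documentation).
BLOCKED_NETWORKS = [
    ipaddress.ip_network("169.254.0.0/16"),    # IPv4 link-local, includes IMDS
    ipaddress.ip_network("fe80::/10"),         # IPv6 link-local
    ipaddress.ip_network("fd00:ec2::254/128"), # IPv6 IMDS endpoint
    ipaddress.ip_network("10.0.0.0/8"),        # RFC 1918 private ranges
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("127.0.0.0/8"),       # loopback
    ipaddress.ip_network("::1/128"),
    ipaddress.ip_network("0.0.0.0/8"),         # "this network" tricks
]

FRAME_TAGS = {"iframe", "frame"}


class _FrameCollector(HTMLParser):
    """Collects the src attribute of every frame-like element."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser already lowercases tag and attribute names.
        if tag in FRAME_TAGS:
            src = dict(attrs).get("src")
            if src is not None:
                self.sources.append(src)


def classify_src(src: str) -> str:
    """Return 'blocked', 'unresolved' or 'allowed' for one frame src."""
    parts = urlsplit(src.strip())
    if parts.scheme not in ("http", "https", ""):
        return "blocked"          # file:, data:, etc. are never wanted
    host = parts.hostname
    if not host:
        return "blocked"          # relative or malformed: refuse to guess
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "unresolved"       # DNS name: could resolve or rebind internally
    if any(addr in net for net in BLOCKED_NETWORKS) or not addr.is_global:
        return "blocked"
    return "allowed"


def screen_html(document: str, allow_hostnames: bool = False) -> dict:
    """Screen one document; DNS-named frames are rejected unless allowed."""
    collector = _FrameCollector()
    collector.feed(document)
    collector.close()
    findings = {"blocked": [], "unresolved": [], "allowed": []}
    for src in collector.sources:
        findings[classify_src(src)].append(src)
    rejected = bool(findings["blocked"]) or (
        bool(findings["unresolved"]) and not allow_hostnames
    )
    return {"safe_to_convert": not rejected, **findings}


def pandoc_command(src_path: str, out_path: str) -> list:
    """argv for a hardened conversion: raw_html keeps iframes as inert raw
    blocks instead of fetching them, and --sandbox restricts reader IO to the
    files named on the command line."""
    return ["pandoc", "--sandbox", "-f", "html+raw_html", "-o", out_path, src_path]


# Constructed sample documents for the demonstration.
SAMPLE_IMDS = ('<html><body><p>report</p>'
               '<iframe src="http://169.254.169.254/"></iframe></body></html>')
SAMPLE_IPV6 = '<IFRAME SRC="http://[fd00:ec2::254]/"></IFRAME>'
SAMPLE_DNS = '<iframe src="https://example.com/embed"></iframe>'
SAMPLE_CLEAN = '<html><body><h1>Quarterly notes</h1><p>No frames.</p></body></html>'

if __name__ == "__main__":
    import subprocess
    import sys
    for name, doc in [("imds", SAMPLE_IMDS), ("ipv6", SAMPLE_IPV6),
                      ("dns", SAMPLE_DNS), ("clean", SAMPLE_CLEAN)]:
        print(name, screen_html(doc))
    # Real use: screen the file given on the command line, then convert it.
    if len(sys.argv) == 3:
        with open(sys.argv[1], encoding="utf-8") as fh:
            verdict = screen_html(fh.read())
        if not verdict["safe_to_convert"]:
            sys.exit(f"refusing to convert: {verdict}")
        subprocess.run(pandoc_command(sys.argv[1], sys.argv[2]), check=True)
```

Both layers matter: the screen rejects documents that are obviously hostile before any conversion runs, while the pandoc flags protect against anything the screen does not recognise (for example a DNS name that later resolves to an internal address, which is why unresolved hostnames are rejected by default).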

Key Takeaways

CVE-2025-51591 highlights how even niche open-source utilities like Pandoc can become attack vectors in cloud environments.

SSRF remains a favored technique for attackers targeting cloud infrastructure for credential theft.

Hardened metadata services (IMDSv2), input sanitization, and software hygiene are crucial to defending against these attacks.