x/vulndb: potential Go vuln in github.com/bishopfox/sliver: GHSA-fh4v-v779-4g2w

[GoVulnBot]

Advisory GHSA-fh4v-v779-4g2w references a vulnerability in the following Go modules:

Module
github.com/bishopfox/sliver

Description:

Summary

The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so

Reproduction steps

Run server

wget https://github.com/BishopFox/sliver/releases/download/v1.5.42/sliver-server_linux
chmod +x sliver-server_linux
./sliver-server_linux

Generate binary

generate --mtls 127.0.0.1:8443

Run it on windows, then Task manager -> find process -> Create memory dump file

Install RogueSliver and get the certs

git clone https://github.com/ACE-Respon...

References:
- ADVISORY: https://github.com/BishopFox/sliver/security/advisories/GHSA-fh4v-v779-4g2w
- ADVISORY: https://github.com/advisories/GHSA-fh4v-v779-4g2w
- FIX: https://github.com/BishopFox/sliver/commit/0f340a25cf3d496ed870dae7da39eab4427bc16f

Cross references:
- github.com/bishopfox/sliver appears in 2 other report(s):
  - data/reports/GO-2023-1866.yaml    (https://github.com/golang/vulndb/issues/1866)
  - data/reports/GO-2024-2993.yaml    (https://github.com/golang/vulndb/issues/2993)

See [doc/quickstart.md](https://github.com/golang/vulndb/blob/master/doc/quickstart.md) for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
- module: github.com/bishopfox/sliver
non_go_versions:
- introduced: TODO (earliest fixed "1.5.43", vuln range ">= 1.5.26, <= 1.5.42")
vulnerable_at: 1.5.43
summary: SSRF in sliver teamserver in github.com/bishopfox/sliver
cves:
- CVE-2025-27090
ghsas:
- GHSA-fh4v-v779-4g2w
references:
- advisory: GHSA-fh4v-v779-4g2w
- advisory: GHSA-fh4v-v779-4g2w
- fix: BishopFox/sliver@0f340a2
source:
id: GHSA-fh4v-v779-4g2w
created: 2025-02-19T22:01:19.197158115Z
review_status: UNREVIEWED