PT-2026-6303 · Unknown · Group-Office

Siefr3Dus

Published

2026-02-04

Updated

2026-02-04

CVE-2026-25511

CVSS v4.0

8.2

High

Vector

AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Group-Office versions prior to 6.8.150 Group-Office versions prior to 25.0.82 Group-Office versions prior to 26.0.5

Description An authenticated user with System Administrator privileges can trigger a server-side request forgery (SSRF) through the WOPI service discovery URL. This allows access to internal hosts and ports, and the response body can be exfiltrated using the built-in debug system, resulting in a visible SSRF and enabling full server-side file read.

Recommendations Update Group-Office to version 6.8.150 or later. Update Group-Office to version 25.0.82 or later. Update Group-Office to version 26.0.5 or later.

Exploit

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2026-25511

GHSA-R9V4-JM2R-R9PM

Affected Products

Group-Office

PT-2026-6303 · Unknown · Group-Office

CVE-2026-25511

Weakness Enumeration

Related Identifiers

Affected Products

References · 7