CVE-2025-36845
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-21

Last updated on: 2025-09-12

Assigner: MITRE

Description
An issue was discovered in Eveo URVE Web Manager 27.02.2025. The endpoint /_internal/redirect.php allows for Server-Side Request Forgery (SSRF). The endpoint takes a URL as input, sends a request to this address, and reflects the content in the response. This can be used to request endpoints only reachable by the application server.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-21
Last Modified
2025-09-12
Generated
2026-05-27
AI Q&A
2025-07-21
EPSS Evaluated
2026-05-25
NVD
CVE-2025-36845
EUVD
EUVD-2025-22139
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
eveo urve_web_manager 27.02.2025
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include blocking all external access to endpoints under /_internal/ and updating the URVE Web Manager software to the latest patched version 27.02.2025 released on June 2, 2025. [1]


Can you explain this vulnerability to me?

The vulnerability in Eveo URVE Web Manager 27.02.2025 is a Server-Side Request Forgery (SSRF) issue in the /_internal/redirect.php endpoint. This endpoint accepts a URL as input, makes a server-side request to that URL, and reflects the response content back to the client. Because this endpoint is accessible without authentication, an attacker can use it to make requests to internal or otherwise inaccessible endpoints from the application server, potentially leading to unauthorized access or information disclosure. [1]


How can this vulnerability impact me? :

This SSRF vulnerability can allow attackers to make unauthorized requests from the application server to internal systems or services that are not normally accessible externally. This can lead to unauthorized access to sensitive information, internal network reconnaissance, or exploitation of other vulnerabilities within the internal network, potentially compromising the security and integrity of the affected system. [1]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The vulnerability could impact compliance with standards like GDPR or HIPAA by potentially allowing unauthorized access to sensitive or personal data through internal systems. If exploited, it may lead to data breaches or unauthorized disclosure of protected information, which would violate data protection and privacy regulations requiring the safeguarding of such data. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The vulnerability can be detected by sending crafted HTTP GET requests to the /_internal/redirect.php endpoint with a URL parameter to test if the server makes requests to the specified URL and reflects the response. For example, using curl: curl -v "http://<target-host>/_internal/redirect.php?url=http://example.com". If the response contains content from the specified URL, the SSRF vulnerability is present. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart