CVE-2025-10393
BaseFortify
Publication date: 2025-09-14
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| miurla | morphic | 0.4.0 |
| miurla | morphic | 0.4.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-10393 is a Server-Side Request Forgery (SSRF) vulnerability in the miurla morphic application up to version 0.4.5. It occurs in the fetchHtml function of the /api/advanced-search endpoint, specifically in the HTTP Status Code 3xx Handler. The flaw allows an attacker to manipulate the server into making unauthorized requests to internal or external systems by exploiting how the server processes redirected URLs. This can be done remotely without authentication, and an exploit is publicly available. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to make unauthorized requests from your server to internal services or external targets. This can lead to unauthorized access to internal resources, port scanning or detection of internal network structure, and potentially distributed denial-of-service (DDoS) attacks by repeatedly triggering requests. It affects the confidentiality, integrity, and availability of your system. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring requests to the /api/advanced-search endpoint, especially those triggering HTTP 3xx redirections and causing the server to make additional internal requests. Network or application logs should be inspected for unusual or repeated internal requests originating from this endpoint. Since the exploit involves server-side request forgery, commands like curl or wget can be used to test the endpoint by sending crafted requests that cause redirections and observing if the server follows them internally. For example, using curl with verbose output to detect redirection handling: curl -v -X POST 'http://<target>/api/advanced-search' -d '{"url":"http://internal-service"}' -H 'Content-Type: application/json'. Additionally, network monitoring tools can be used to detect unexpected outbound requests from the server to internal or external addresses triggered by this endpoint. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected miurla morphic software version (up to 0.4.5) with an alternative product, as no known mitigations or countermeasures have been identified. Additionally, restricting or filtering outbound requests from the server to prevent unauthorized internal or external requests triggered by the vulnerable endpoint can help reduce risk. Monitoring and blocking suspicious activity related to the /api/advanced-search endpoint and applying network-level controls to limit access to internal services may also help mitigate exploitation until a patch or fix is available. [2]