CVE-2025-10397
BaseFortify
Publication date: 2025-09-14
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| maccms | maccms | 10.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-10397 is a server-side request forgery (SSRF) vulnerability in Magicblack MacCMS version 2025.1000.4050, specifically in the API Handler component. It occurs because the 'cjurl' argument is not properly validated, allowing an attacker to manipulate this parameter to make the server send unauthorized requests to arbitrary URLs. This can be exploited remotely and requires some authentication. A proof-of-concept exploit is publicly available, making exploitation relatively easy. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to make the server perform unauthorized network requests, which can lead to information disclosure, internal network scanning, or other malicious activities. It affects the confidentiality, integrity, and availability of the affected system because the server may retrieve content from unintended or malicious URLs. Exploitation can be done remotely and may require authentication, but the availability of public exploit code increases the risk. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve monitoring for unusual or unauthorized outbound requests initiated by the server, especially those involving the 'cjurl' parameter in API requests to Magicblack MacCMS 2025.1000.4050. Since the vulnerability involves server-side request forgery via the 'cjurl' argument, you can look for HTTP requests to the API Handler endpoint containing this parameter. Commands such as using curl or wget to test the API endpoint with crafted 'cjurl' values can help verify if the server makes external requests. For example, sending a request like: curl -v 'http://<target>/api_handler?cjurl=http://example.com' and observing if the server attempts to fetch the specified URL. Network monitoring tools or logs can be checked for unexpected outbound connections triggered by these parameters. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
There are no known countermeasures or mitigations currently identified for this vulnerability. Immediate steps include considering replacing the affected Magicblack MacCMS 2025.1000.4050 product with an alternative solution. Additionally, restricting access to the API Handler component, applying strict network egress filtering to prevent unauthorized outbound requests, and monitoring for exploitation attempts can help reduce risk until a patch or fix is available. [1]