CVE-2025-10397
BaseFortify

Publication date: 2025-09-14

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forgery. The attack can be initiated remotely. The exploit is publicly available and might be used.
Meta Information
Published: 2025-09-14
Last Modified: 2026-04-29
Generated: 2026-06-16
AI Q&A: 2025-09-14
EPSS Evaluated: 2026-06-14
Affected Vendors & Products (1 associated CPE)
Vendor: maccms; Product: maccms; Version / Range: 10.0
CWE
CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Executive Summary

CVE-2025-10397 is a server-side request forgery (SSRF) vulnerability in Magicblack MacCMS version 2025.1000.4050, specifically in the API Handler component. It occurs because the 'cjurl' argument is not properly validated, so an attacker can supply a value that makes the server issue requests to arbitrary URLs. It can be exploited remotely and requires some authentication. A proof-of-concept exploit is publicly available, which lowers the effort needed to exploit it. [1, 2]

Impact Analysis

This vulnerability allows attackers to make the server perform unauthorized network requests, which can lead to information disclosure, internal network scanning, or other malicious activity. It affects the confidentiality, integrity, and availability of the affected system because the server may retrieve content from unintended or malicious URLs. Exploitation can be carried out remotely and may require authentication, but the availability of public exploit code increases the risk. [1, 2]

Detection Guidance

Detection can involve monitoring for unusual or unauthorized outbound requests initiated by the server, especially those triggered by the 'cjurl' parameter in API requests to Magicblack MacCMS 2025.1000.4050. Since the vulnerability is a server-side request forgery via the 'cjurl' argument, look for HTTP requests to the API Handler endpoint that carry this parameter. Testing the endpoint with curl or wget and a crafted 'cjurl' value can confirm whether the server makes the outbound request, for example: curl -v 'http://<target>/api_handler?cjurl=http://example.com', then observe whether the server attempts to fetch the specified URL. Network monitoring tools or server logs can also be checked for unexpected outbound connections triggered by these parameters. [1, 2]
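The log review described above, as an added example that is not part of the original advisory or of MacCMS: it scans constructed access-log lines for requests to the API Handler that carry a 'cjurl' value pointing at a non-http scheme or an internal address (the /api_handler path is taken from the illustrative request above and is an assumption about the real endpoint).

```python
import ipaddress
import re
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Constructed access-log lines (not from any real MacCMS deployment); the
# /api_handler path mirrors the illustrative request in the guidance above.
SAMPLE_LOG = """\
203.0.113.7 - - [14/Sep/2025:10:01:02 +0000] "GET /api_handler?cjurl=http%3A%2F%2F127.0.0.1%3A3306%2F HTTP/1.1" 200 512
203.0.113.7 - - [14/Sep/2025:10:01:05 +0000] "GET /api_handler?cjurl=http%3A%2F%2F10.0.0.5%3A8080%2F HTTP/1.1" 200 77
198.51.100.2 - - [14/Sep/2025:10:02:00 +0000] "GET /api_handler?cjurl=https%3A%2F%2Fcdn.example.com%2Ffeed.json HTTP/1.1" 200 9031
198.51.100.9 - - [14/Sep/2025:10:02:30 +0000] "GET /api_handler?cjurl=file%3A%2F%2F%2Fetc%2Fpasswd HTTP/1.1" 500 0
198.51.100.9 - - [14/Sep/2025:10:03:00 +0000] "GET /index.php?m=vod HTTP/1.1" 200 4100
"""

# Common Log Format: source address, identity, user, timestamp, then the request line.
REQUEST_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) ')


def classify_cjurl(value: str) -> Optional[str]:
    """Return a finding label for a cjurl value, or None if it looks like an ordinary fetch."""
    parts = urlsplit(value)
    if parts.scheme not in ("http", "https"):
        return f"non-http scheme {parts.scheme!r}"
    host = parts.hostname or ""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return None  # hostname: egress logs must show where it actually resolved
    if addr.is_loopback or addr.is_private or addr.is_link_local or addr.is_reserved or addr.is_unspecified:
        return f"internal address {addr}"
    return None


def scan_access_log(text: str) -> list[dict]:
    """Flag API Handler requests whose cjurl targets a non-http scheme or an internal address."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        target = urlsplit(m["target"])
        if not target.path.startswith("/api_handler"):
            continue
        for value in parse_qs(target.query).get("cjurl", []):  # parse_qs already percent-decodes
            reason = classify_cjurl(value)
            if reason:
                findings.append({"src": m["src"], "ts": m["ts"], "cjurl": value, "reason": reason})
    return findings


if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['src']} cjurl={f['cjurl']} -> {f['reason']}")
```

Requests whose cjurl names a hostname are not flagged here; correlate them with egress or DNS logs to see which address the server actually contacted.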

Mitigation Strategies

No countermeasures or mitigations are currently known for this vulnerability. Immediate steps include considering replacement of the affected Magicblack MacCMS 2025.1000.4050 installation with an alternative product. In addition, restricting access to the API Handler component, applying strict network egress filtering to block unauthorized outbound requests, and monitoring for exploitation attempts can reduce risk until a patch or fix is available. [1]
