CVE-2025-15241
Unknown Unknown - Not Provided
Open Redirect in CloudPanel HTTP Header Handler (/admin/users

Publication date: 2025-12-30

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-12-30
EPSS Evaluated
2026-06-15
NVD
CVE-2025-15241
EUVD
EUVD-2025-205700
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cloudpanel community_edition 2.5.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an open redirect issue in CloudPanel Community Edition up to version 2.5.1. It occurs due to manipulation of the Referer argument in the /admin/users file of the HTTP Header Handler component. An attacker can exploit this remotely to redirect users to malicious sites.

Impact Analysis

The vulnerability can be exploited remotely to perform open redirect attacks, potentially leading users to malicious websites. This can result in phishing attacks, loss of user trust, and indirect compromise of user security.

Mitigation Strategies

Upgrade CloudPanel Community Edition to version 2.5.2 or later, as this version fixes the open redirect vulnerability. Upgrading the affected component is recommended to mitigate the issue.

Detection Guidance

This vulnerability can be detected by sending crafted HTTP GET requests to the /admin/users endpoint with a manipulated Referer header containing an external URL. If the server responds with a 302 redirect to the URL specified in the Referer header, the system is vulnerable. For example, you can use curl to test this: curl -I -H "Referer: http://malicious.example.com" https://your-cloudpanel-domain/admin/users and check if the response includes a 302 redirect to the malicious URL. [3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-15241. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart