CVE-2025-15241
Unknown Unknown - Not Provided
Open Redirect in CloudPanel HTTP Header Handler (/admin/users

Publication date: 2025-12-30

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-12-30
EPSS Evaluated
2026-05-05
NVD
CVE-2025-15241
EUVD
EUVD-2025-205700
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cloudpanel community_edition 2.5.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an open redirect issue in CloudPanel Community Edition up to version 2.5.1. It occurs due to manipulation of the Referer argument in the /admin/users file of the HTTP Header Handler component. An attacker can exploit this remotely to redirect users to malicious sites.


How can this vulnerability impact me? :

The vulnerability can be exploited remotely to perform open redirect attacks, potentially leading users to malicious websites. This can result in phishing attacks, loss of user trust, and indirect compromise of user security.


What immediate steps should I take to mitigate this vulnerability?

Upgrade CloudPanel Community Edition to version 2.5.2 or later, as this version fixes the open redirect vulnerability. Upgrading the affected component is recommended to mitigate the issue.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending crafted HTTP GET requests to the /admin/users endpoint with a manipulated Referer header containing an external URL. If the server responds with a 302 redirect to the URL specified in the Referer header, the system is vulnerable. For example, you can use curl to test this: curl -I -H "Referer: http://malicious.example.com" https://your-cloudpanel-domain/admin/users and check if the response includes a 302 redirect to the malicious URL. [3]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart