CVE-2025-34439
BaseFortify
Publication date: 2025-12-17
Last updated on: 2025-12-19
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wwbn | avideo | to 20.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34439 is an open redirect vulnerability in AVideo versions prior to 20.0 caused by insufficient validation of the cancelUri parameter during user login. This flaw allows attackers to craft malicious links that redirect users to arbitrary external websites, potentially leading to phishing attacks. The vulnerability was fixed by implementing a stricter URL validation function that only allows safe, same-origin or relative URLs and rejects dangerous protocols. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by enabling attackers to redirect users to malicious external sites through crafted links. This can facilitate phishing attacks where users might be tricked into providing sensitive information or credentials on fraudulent websites, potentially leading to account compromise or data theft. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by monitoring for URLs or HTTP requests that include the `cancelUri` parameter with external or suspicious redirect URLs. For example, you can use network traffic inspection tools or web server logs to search for requests containing `cancelUri` parameters that redirect to domains different from your AVideo instance. A sample command using grep on web server logs might be: `grep -i 'cancelUri=' /path/to/access.log | grep -v 'yourdomain.com'` to find redirect attempts to external sites. Additionally, inspecting HTTP requests for redirect parameters that do not start with '/' or that include dangerous protocols like 'javascript:' can help identify exploitation attempts. [2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, upgrade your AVideo installation to version 20.0 or later, where the issue has been fixed by implementing a stricter URL validation function `isSafeRedirectURL()`. This function ensures that only relative URLs starting with '/' or absolute URLs belonging to the same origin are allowed for redirection, and it blocks dangerous protocols such as 'javascript:', 'data:', 'file:', 'vbscript:', and 'about:'. If upgrading is not immediately possible, consider applying the patch from the commit https://github.com/WWBN/AVideo/commit/88bc40427b that replaces the previous URL validation with the safer one. Also, monitor and block suspicious redirect URLs in your web server or application firewall. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.