CVE-2025-32355
Received Received - Intake
Open Redirect in Rocket TRUfusion Proxy Allows Resource Loading

Publication date: 2026-02-17

Last updated on: 2026-04-03

Assigner: MITRE

Description
Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle incoming connections. However, the proxy is misconfigured in a way that allows specifying absolute URLs in the HTTP request line, causing the proxy to load the given resource.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-17
Last Modified
2026-04-03
Generated
2026-06-16
AI Q&A
2026-02-17
EPSS Evaluated
2026-06-15
NVD
CVE-2025-32355
EUVD
EUVD-2025-207698
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
rocketsoftware trufusion_enterprise to 7.10.5.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-32355 is a Server-Side Request Forgery (SSRF) vulnerability affecting Rocket Software TRUfusion Enterprise versions prior to 7.10.5. The issue arises from a misconfiguration in the reverse proxy used by the software, which allows attackers to specify absolute URLs in the HTTP request line. This causes the proxy to load and forward requests to arbitrary destinations, including internal network services that are not directly exposed externally.

An unauthenticated attacker can exploit this vulnerability by sending a crafted GET request with an absolute URL to the proxy, which then forwards the request to the specified internal or external resource.

Impact Analysis

This vulnerability can have significant impacts because it allows attackers to use the TRUfusion Enterprise application as a relay to interact with internal endpoints that are otherwise not accessible externally.

  • Attackers can retrieve proxied responses from internal services, potentially exposing sensitive information.
  • It can lead to further compromise of internal systems when combined with other vulnerabilities.

The vulnerability has a high severity score (CVSS v4 base score 7.9), indicating a high risk with network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality and integrity.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by monitoring for HTTP requests sent to the reverse proxy that contain absolute-form URLs in the request line. A proof of concept involves sending a crafted GET request with an absolute URL to the proxy, which then forwards the request to the specified resource.'}, {'type': 'paragraph', 'content': 'To detect potential exploitation attempts, you can look for unusual HTTP requests with absolute URLs in your proxy logs or use network monitoring tools to identify such traffic.'}, {'type': 'list_item', 'content': 'Use tools like curl to send crafted requests and observe the proxy behavior, for example: curl -v -X GET "http://vulnerable-proxy.example.com/http://internal-service.local/resource"'}, {'type': 'list_item', 'content': 'Check proxy access logs for HTTP request lines containing full URLs instead of relative paths.'}] [1]

Mitigation Strategies

The recommended immediate mitigation is to update Rocket TRUfusion Enterprise to version 7.10.5, where the vulnerability has been fixed.

Until the update can be applied, consider restricting access to the reverse proxy to trusted networks only and monitoring for suspicious requests containing absolute URLs.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-32355. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart