CVE-2025-32355
Open Redirect in Rocket TRUfusion Proxy Allows Resource Loading
Publication date: 2026-02-17
Last updated on: 2026-04-03
Assigner: MITRE
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rocketsoftware | trufusion_enterprise | up to 7.10.5.0 (excluding) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-32355 is a Server-Side Request Forgery (SSRF) vulnerability affecting Rocket Software TRUfusion Enterprise versions prior to 7.10.5. The issue arises from a misconfiguration in the reverse proxy used by the software, which allows attackers to specify absolute URLs in the HTTP request line. This causes the proxy to load and forward requests to arbitrary destinations, including internal network services that are not directly exposed externally.
An unauthenticated attacker can exploit this vulnerability by sending a crafted GET request with an absolute URL to the proxy, which then forwards the request to the specified internal or external resource.
How can this vulnerability impact me?
This vulnerability can have significant impacts because it allows attackers to use the TRUfusion Enterprise application as a relay to interact with internal endpoints that are otherwise not accessible externally.
- Attackers can retrieve proxied responses from internal services, potentially exposing sensitive information.
- It can lead to further compromise of internal systems when combined with other vulnerabilities.
The vulnerability has a high severity score (CVSS v4 base score 7.9), indicating a high risk with network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality and integrity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for HTTP requests sent to the reverse proxy that contain absolute-form URLs in the request line. A proof of concept involves sending a crafted GET request with an absolute URL to the proxy, which then forwards the request to the specified resource.
To detect potential exploitation attempts, you can look for unusual HTTP requests with absolute URLs in your proxy logs or use network monitoring tools to identify such traffic.
- Use tools like curl to send crafted requests and observe the proxy behavior, for example: curl -v -X GET "http://vulnerable-proxy.example.com/http://internal-service.local/resource"
- Check proxy access logs for HTTP request lines containing full URLs instead of relative paths. [1]
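As an added example (not from the advisory or from Rocket Software), the log check described above in Python: it parses Common Log Format access-log lines and flags request-targets that are absolute-form (scheme://host/path) or that embed a full URL in the path, as in the curl example; the sample log lines are constructed.

```python
import re
from typing import Optional
from urllib.parse import urlsplit

# Common Log Format entry; only client, method, request-target and status are used.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d" (?P<status>\d{3})'
)
SCHEME = r'[A-Za-z][A-Za-z0-9+.\-]*://'
ABSOLUTE_FORM = re.compile(r'^' + SCHEME)    # e.g. GET http://host/path
EMBEDDED_URL = re.compile(r'^/+' + SCHEME)   # e.g. GET /http://host/path


def classify_target(target: str) -> Optional[str]:
    """How the request-target carries a full URL, or None for a normal origin-form
    path. CONNECT authority-form (host:port) and '*' are deliberately not flagged."""
    if ABSOLUTE_FORM.match(target):
        return "absolute-form"
    if EMBEDDED_URL.match(target):
        return "embedded-url"
    return None


def destination_host(target: str) -> Optional[str]:
    """Host the proxy would be asked to fetch from, for a flagged target."""
    return urlsplit(target.lstrip("/")).hostname


def scan_log(text: str) -> list[dict]:
    """Return one finding per access-log line whose target smuggles a full URL."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # not a CLF entry; skip rather than guess
        kind = classify_target(m["target"])
        if kind is not None:
            findings.append({"line": lineno, "client": m["client"], "method": m["method"],
                             "kind": kind, "destination": destination_host(m["target"]),
                             "status": int(m["status"])})
    return findings


# Constructed sample log: two benign requests, one absolute-form target,
# one URL embedded in the path, and one CONNECT that must not be flagged.
SAMPLE_LOG = """\
203.0.113.5 - - [17/Feb/2026:10:00:01 +0000] "GET /login HTTP/1.1" 200 1532
203.0.113.5 - - [17/Feb/2026:10:00:02 +0000] "GET http://10.0.0.8:8080/admin HTTP/1.1" 200 4021
198.51.100.7 - - [17/Feb/2026:10:00:03 +0000] "GET /http://internal-service.local/resource HTTP/1.1" 200 512
198.51.100.7 - - [17/Feb/2026:10:00:04 +0000] "POST /api/upload HTTP/1.1" 201 88
203.0.113.9 - - [17/Feb/2026:10:00:05 +0000] "CONNECT 10.0.0.8:443 HTTP/1.1" 403 0
"""

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"line {f['line']}: {f['client']} {f['method']} -> {f['destination']} ({f['kind']}, HTTP {f['status']})")
```

A 200 status on a flagged line is the stronger signal, since it means the proxy actually served the relayed response rather than rejecting the request.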
What immediate steps should I take to mitigate this vulnerability?
The recommended immediate mitigation is to update Rocket TRUfusion Enterprise to version 7.10.5, where the vulnerability has been fixed.
Until the update can be applied, consider restricting access to the reverse proxy to trusted networks only and monitoring for suspicious requests containing absolute URLs.