CVE-2026-44833
Open Redirect Vulnerability in Snipe-IT Prior to 8.4.1

Publication date: 2026-05-26

Last updated on: 2026-05-26

Assigner: GitHub, Inc.

Description
Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an open redirect vulnerability in Snipe-IT allows attackers to redirect users to malicious sites via unvalidated HTTP Referer header stored in session variable. This vulnerability is fixed in 8.4.1.
Meta Information
Generated: 2026-05-27
AI Q&A generated: 2026-05-26
EPSS evaluated: N/A
Affected Vendors & Products (1 associated CPE)
Vendor: snipeitapp
Product: snipe-it
Version range: up to 8.4.1 (excluding 8.4.1)
CWE
CWE-601: The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-44833 is an open redirect vulnerability in Snipe-IT versions prior to 8.4.1. It occurs because the application stores the HTTP Referer header in a session variable without proper validation. Attackers can manipulate this header to redirect users to malicious websites when the application redirects users based on this session data.

This vulnerability arises from improper handling of redirect URLs, allowing an attacker to control where users are sent after certain actions, potentially leading them to harmful sites.


How can this vulnerability impact me?

This vulnerability can be exploited to redirect users to malicious websites, which can lead to phishing attacks, session hijacking, malware distribution, and social engineering attacks. Because the redirects appear to come from the trusted Snipe-IT domain, users may be more likely to trust the malicious links.

However, exploitation requires session poisoning and user interaction, which somewhat limits the immediate threat level.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves manipulation of the HTTP Referer header stored in a session variable to cause an open redirect. Detection can focus on monitoring HTTP requests for unusual or suspicious Referer headers that redirect users to external or untrusted domains.

You can inspect web server logs or use network monitoring tools to identify requests with suspicious Referer headers.

  • Search web server access logs for requests whose referer points at a host other than your own. In the combined log format (the default on most Apache and Nginx installs) the referer is the quoted field after the response size, not a literal "Referer:" string, so match on that field, for example: awk -F'"' '$4 != "-" && $4 !~ /^https?:\/\/your-snipeit-instance/' /var/log/apache2/access.log
  • Use curl to send a request with a manipulated Referer header against your own instance and check whether the Location header of the response points off-site: curl -I -H 'Referer: http://malicious.example.com' https://your-snipeit-instance/
  • Monitor session storage or application logs, where accessible, for Referer values being stored without validation.

What immediate steps should I take to mitigate this vulnerability?

The primary mitigation is to upgrade Snipe-IT to version 8.4.1 or later, where the vulnerability has been fixed by properly handling redirects using Laravel's intended() method instead of relying on unvalidated session variables.

Until the upgrade can be applied, consider implementing strict validation or sanitization of the Referer header and session variables related to redirection to prevent open redirects.

Additionally, educate users to be cautious of unexpected redirects and avoid clicking suspicious links that may exploit this vulnerability.
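The validation described above, accepting only redirect targets on your own origin and falling back to a safe default instead of trusting a Referer captured into the session, as an added example that is not part of this advisory or of Snipe-IT's code. It is written in Python so the check is language-neutral; the same rule can be applied in the Laravel handler before calling redirect(). The function name, the app_host parameter and the sample values are assumptions and constructed inputs.

```python
from urllib.parse import urlsplit


def safe_redirect_target(candidate, app_host, fallback="/"):
    """Return a redirect target that stays on app_host, else fallback.

    candidate: untrusted value such as a Referer header captured into the
               session (the pattern behind CVE-2026-44833).
    app_host:  host[:port] this application is served from (assumed input).
    """
    if not candidate:
        return fallback
    # Tabs, newlines and other control characters are stripped or
    # reinterpreted by browsers; refuse rather than guess.
    if any(ord(c) < 0x20 or c.isspace() for c in candidate):
        return fallback
    # Browsers treat "\" as "/" in http(s) URLs, so "/\evil.example" is
    # really "//evil.example"; normalise before inspecting.
    candidate = candidate.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme:
        # Absolute URL: only http(s) and only our own host. The netloc must
        # match exactly, so "app.example.com@evil.example" and
        # "app.example.com.evil.example" both fail.
        if parts.scheme not in ("http", "https"):
            return fallback
        if parts.netloc.lower() != app_host.lower():
            return fallback
        return candidate
    # Relative target: exactly one leading slash. "//evil.example" is
    # scheme-relative and "///evil.example" also resolves off-site.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return fallback
    return candidate


if __name__ == "__main__":
    # Constructed sample values a session-stored Referer might contain.
    host = "app.example.com"
    for value in ["https://app.example.com/hardware/5", "/hardware?status=1",
                  "https://evil.example/login", "//evil.example/",
                  "/\\evil.example", "javascript:alert(1)",
                  "https://app.example.com@evil.example/"]:
        print(f"{value!r:45} -> {safe_redirect_target(value, host)!r}")
```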


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The open redirect vulnerability in Snipe-IT prior to version 8.4.1 allows attackers to redirect users to malicious sites by manipulating the HTTP Referer header stored in a session variable. This can lead to phishing attacks, session hijacking, malware distribution, and social engineering, which may compromise user data and trust.

Such security weaknesses could potentially impact compliance with standards and regulations like GDPR and HIPAA, which require protection of user data and secure handling of sessions to prevent unauthorized access or data breaches.

However, the vulnerability requires session poisoning and user interaction for exploitation, which somewhat limits its immediate threat. The issue has been fixed in version 8.4.1, mitigating these risks.

