CVE-2025-71398
Received Received - Intake

SurrealDB HTTP Redirect Validation Bypass Leading to SSRF

Vulnerability report for CVE-2025-71398, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-18

Last updated on: 2026-07-18

Assigner: VulnCheck

Description

SurrealDB before 2.2.2 fails to validate HTTP redirects in http functions, allowing authenticated users to bypass deny-net restrictions by redirecting to blocked IP addresses. Attackers can host a public server that redirects to denied network targets, enabling server-side request forgery to access internal endpoints and retrieve sensitive information.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-18
Last Modified
2026-07-18
Generated
2026-07-18
AI Q&A
2026-07-18
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
surrealdb surrealdb to 2.2.2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

SurrealDB before version 2.2.2 fails to validate HTTP redirects in its http functions. This allows authenticated users to bypass network restrictions by redirecting requests to blocked IP addresses. Attackers can exploit this by hosting a server that redirects to denied targets, enabling server-side request forgery to access internal endpoints and retrieve sensitive information.

Detection Guidance

Monitor network traffic for unexpected HTTP redirects from SurrealDB instances, particularly to blocked IP addresses. Check SurrealDB logs for http::* function calls that result in external requests. Use tools like tcpdump or Wireshark to inspect outbound connections from SurrealDB servers.

Impact Analysis

This vulnerability allows attackers to access internal services and sensitive data by bypassing network restrictions. It could lead to unauthorized access to internal endpoints, potential data breaches, or manipulation of sensitive information if exploited.

Compliance Impact

This vulnerability could potentially violate compliance with GDPR and HIPAA by enabling unauthorized access to internal endpoints and sensitive data through SSRF. GDPR requires protecting personal data, while HIPAA mandates securing protected health information. The SSRF flaw allows attackers to bypass network restrictions and access restricted services, which may expose sensitive information.

Mitigation Strategies

Upgrade SurrealDB to version 2.2.2 or later immediately. If upgrading is not possible, disable network access entirely using the --deny-net flag or implement strict allowlists for HTTP redirects. Review and restrict network permissions for all authenticated users.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71398. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart