CVE-2025-48739

MEDIUM Year: 2025
Weakness Type
CWE-918
View all →

Vulnerability Description

A Server-Side Request Forgery (SSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows remote authenticated attackers with admin permissions (allowing them to access specific API endpoints) to manipulate URLs to direct requests to unexpected hosts or ports. This allows the attacker to use a TheHive server as a proxy to reach internal or otherwise restricted resources. This could be exploited to access other servers on the internal network.

Related Vulnerabilities

CVE-2016-10926

CRITICAL
CVSS:10.0(Critical)

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.

CWE-9182016

CVE-2016-10927

CRITICAL
CVSS:10.0(Critical)

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php.

CWE-9182016

CVE-2017-11291

CRITICAL
CVSS:10.0(Critical)

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls.

CWE-9182017

CVE-2017-12905

CRITICAL
CVSS:10.0(Critical)

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.

CWE-9182017

CVE-2017-8794

CRITICAL
CVSS:10.0(Critical)

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/1000@/wmProgressval.ht...

CWE-9182017

CVE-2018-10511

CRITICAL
CVSS:10.0(Critical)

A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations.

CWE-9182018