CVE-2025-22374 MEDIUM

CVE-2025-22374: SSRF in CyberAudit-Web videx-legacy-ssl

Vendor Videx Inc.

Product CyberAudit-Web

Weakness CWE-918 · SSRF

Published April 10, 2025

Last update April 10, 2025

View on NVD All CVEs

CVSS base score

6.0/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:N/S:N/AU:Y/R:A/V:D/RE:L/U:Green

What the vulnerability does

01Description

A Server-Side Request Forgery (SSRF) vulnerability was discovered in the videx-legacy-ssl web service of Videx’s CyberAudit-Web, affecting versions prior to 1.1.3. This vulnerability has been patched in versions after 1.1.3. Leaving this vulnerability unpatched could lead to unauthorized access to the underlying infrastructure.

Key dates

02Disclosure timeline

April 10, 2025 CVE published

April 10, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-22374 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/918.html

Related vulnerabilities

CVE-2025-22374: SSRF in CyberAudit-Web videx-legacy-ssl

01Description

02Disclosure timeline

03References

04Related CVE