CVE-2025-2245 MEDIUM

CVE-2025-2245: Server Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646)

Vendor Bitdefender
Product GravityZone Update Server
Weakness CWE-918 · SSRF
Published April 4, 2025
Last update April 4, 2025

CVSS base score

6.9/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low (VC:L in the vector below)
Integrity None (VI:N in the vector below)

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L

Description

A server-side request forgery (SSRF) vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte (%00) sequences. By crafting a request to a domain such as evil.com%00.bitdefender.com, an attacker can bypass the allowlist check, causing the proxy to forward requests to arbitrary external or internal systems.
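To make the failure mode concrete, here is an added example (not Bitdefender's code and not derived from the affected product) of a hostname allowlist check that a null byte defeats, beside a hardened version. The assumptions are mine: the proxy percent-decodes the requested host, checks it against an allowlist with a suffix match, and then hands the string to a C-style resolver that stops reading at the first NUL byte; connect_target() models that truncation, and the allowlist contents are constructed.

```python
"""Null-byte allowlist bypass: weak check beside a hardened one.

Added illustration, not the vendor's code. Assumed flow: percent-decode the
host, allowlist-check it, then pass it to a C-style API that treats the
string as NUL-terminated.
"""
import re
from typing import Optional
from urllib.parse import unquote

# Constructed allowlist: domains the relay is meant to reach.
ALLOWED_DOMAINS = ("bitdefender.com",)
ALLOWED_SUFFIXES = tuple("." + d for d in ALLOWED_DOMAINS)

# One hostname label per RFC 1123: letters, digits, inner hyphens only.
_LABEL = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")


def connect_target(host: str) -> str:
    """Model of a C-style resolver: the hostname ends at the first NUL byte."""
    return host.split("\x00", 1)[0]


def vulnerable_check(raw_host: str) -> Optional[str]:
    """Suffix match on the decoded string, no character validation.

    Returns the host that would actually be contacted, or None if rejected.
    The check sees the whole string (ending in an allowed suffix) while the
    resolver sees only the part before the NUL, so the two disagree.
    """
    host = unquote(raw_host).lower()
    if not host.endswith(ALLOWED_SUFFIXES):
        return None
    return connect_target(host)


def is_valid_hostname(host: str) -> bool:
    """Accept only strings that are syntactically valid DNS hostnames."""
    if not host or len(host) > 253:
        return False
    return all(_LABEL.match(label) for label in host.split("."))


def hardened_check(raw_host: str) -> Optional[str]:
    """Validate the decoded hostname's grammar first, then match by label.

    Rejecting anything outside the hostname character set (NUL, '%', '@',
    '/', whitespace) before the allowlist logic removes the gap between what
    the check compares and what the resolver later reads. Comparing whole
    labels rather than a raw suffix also prevents 'notbitdefender.com'-style
    lookalikes from matching.
    """
    host = unquote(raw_host).lower().rstrip(".")
    if not is_valid_hostname(host):
        return None
    labels = host.split(".")
    for allowed in ALLOWED_DOMAINS:
        allowed_labels = allowed.split(".")
        if labels[-len(allowed_labels):] == allowed_labels:
            return connect_target(host)  # no NUL can survive validation
    return None


if __name__ == "__main__":
    probe = "evil.com%00.bitdefender.com"  # the shape named in the advisory
    print("weak   :", vulnerable_check(probe))
    print("hardened:", hardened_check(probe))
```

The ordering matters: the grammar check runs on the decoded value and before any suffix logic, so a single decode of "%00" and a double-encoded "%2500" are both rejected. A relay that logs every host rejected by is_valid_hostname() gets a cheap, high-signal indicator of probing against this class of bug.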

Disclosure timeline

April 4, 2025 CVE published
April 4, 2025 Record updated
