CVE-2025-2243

Name of the Vulnerable Software and Affected Versions Bitdefender GravityZone Console versions prior to 6.41.2.1

Description A server-side request forgery (SSRF) issue allows an attacker to bypass input validation logic using leading characters in DNS requests. This could potentially be used for the execution of third-party code when paired with other vulnerabilities.

Recommendations For versions prior to 6.41.2.1, update to version 6.41.2.1 or later to resolve the issue. As a temporary workaround, consider restricting DNS requests to prevent exploitation of the SSRF vulnerability.