PT-2025-14875 · Bitdefender · Bitdefender GravityZone Update Server

Nicolas Verdier · Published 2025-04-04 · Updated 2025-08-21 · CVE-2025-2245

CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L
Name of the Vulnerable Software and Affected Versions: Bitdefender GravityZone Update Server (affected versions not specified)

Description: A server-side request forgery (SSRF) issue exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests but fails to properly sanitize hostnames containing null-byte (%00) sequences. By manipulating a request to a domain such as evil.com%00.bitdefender.com, an attacker can bypass the allowlist check, causing the proxy to forward requests to arbitrary external or internal systems.

Recommendations: As a temporary workaround, consider restricting access to the HTTP proxy component on port 7074 to minimize the risk of exploitation. Avoid using the proxy in Relay Mode until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
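To make the allowlist weakness concrete, here is an added example written for this page (not Bitdefender's proxy code): a null-byte-tolerant allowlist check of the kind the advisory describes, beside a hardened check that validates the exact string the proxy will connect to. The allowlist contents, the bare suffix match in the weak check, and the model of a NUL-terminated connect path are assumptions about how such a bypass arises, not details taken from the advisory.

```python
"""Domain-allowlist check for an outbound HTTP proxy.

Added example, not Bitdefender code. The allowlist contents, the
suffix-match logic and the NUL-truncating connect step are assumptions.
"""
import re
from typing import Optional, Tuple
from urllib.parse import unquote, urlsplit

# Assumption: the real allowlist is not published; one vendor domain stands in for it.
ALLOWED_DOMAINS = ("bitdefender.com",)

_CONTROL = re.compile(r"[\x00-\x1f\x7f]")
_LABEL = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")


def naive_allowed(target_url: str) -> bool:
    """Weak check: percent-decode the host, then do a bare suffix match.

    The decoded string 'evil.com\\x00.bitdefender.com' still ends with the
    allowed suffix, so this returns True for the advisory's request shape.
    """
    host = unquote(urlsplit(target_url).hostname or "")
    return any(host.endswith("." + d) for d in ALLOWED_DOMAINS)


def effective_connect_host(decoded_host: str) -> str:
    """Model of a NUL-terminated consumer (e.g. a C resolver or connect path):
    everything after the first NUL byte is ignored, so the connection goes
    to whatever precedes '\\x00'.
    """
    return decoded_host.split("\x00", 1)[0]


def naive_proxy_decision(target_url: str) -> Tuple[bool, str]:
    """(allowlist verdict, host actually connected to) under the weak check."""
    decoded = unquote(urlsplit(target_url).hostname or "")
    return naive_allowed(target_url), effective_connect_host(decoded)


def hardened_allowed(target_url: str) -> Optional[str]:
    """Return the canonical host the proxy may connect to, or None.

    Rejects control characters before and after decoding, refuses hosts
    that still carry percent-encoding after one decode, enforces hostname
    label syntax, and matches the allowlist on a label boundary. The caller
    must connect to the returned string, never to the raw request target.
    """
    if _CONTROL.search(target_url):
        return None
    parts = urlsplit(target_url)
    if parts.scheme not in ("http", "https"):
        return None
    host = unquote(parts.hostname or "")
    # A hostname never needs percent-encoding; anything left over is suspect.
    if "%" in host or _CONTROL.search(host):
        return None
    host = host.rstrip(".").lower()
    labels = host.split(".")
    if not all(_LABEL.match(label) for label in labels):
        return None
    for allowed in ALLOWED_DOMAINS:
        if host == allowed or host.endswith("." + allowed):
            return host
    return None


if __name__ == "__main__":
    # Constructed sample request targets, including the advisory's bypass shape.
    for url in ("http://upgrade.bitdefender.com/update",
                "http://evil.com%00.bitdefender.com/update",
                "http://notbitdefender.com/update"):
        verdict, connects_to = naive_proxy_decision(url)
        print(f"{url}\n  naive: allowed={verdict} connects_to={connects_to!r}"
              f"\n  hardened: {hardened_allowed(url)!r}")
```

The design point is that the weak check and the connect step operate on different views of the same string: the allowlist sees the full decoded host, while a NUL-terminated consumer sees only the part before the null byte. The hardened version closes that gap by rejecting anything that cannot be a hostname, and by returning the validated value so the connection is made to precisely what was checked.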

Weakness Enumeration: SSRF

Related Identifiers: CVE-2025-2245

Affected Products: Bitdefender GravityZone Update Server