CVE-2025-50125

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Apache (affected versions not specified)

Description: A Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledge of hidden URLs and manipulation of the host request header.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2025-50125

Affected Products

Apache

CVE-2025-50125

Weakness Enumeration

Related Identifiers

Affected Products

References · 6