PT-2025-9538 · Openziti · Openziti

Diabl0-Sec · Published 2025-03-03 · Updated 2025-03-05 · CVE-2025-27501

CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: OpenZiti versions prior to 3.7.1
Description: An endpoint of the admin panel can be reached without authentication. It accepts a user-supplied URL parameter naming the OpenZiti Controller to connect to and issues that request from the server, which is a Server-Side Request Forgery (SSRF). Through it an attacker can make the server send requests on their behalf, potentially using the node's identity to gain additional permissions.
Recommendations: For versions prior to 3.7.1, update to 3.7.1. The fix moves the request to the external controller from the server side to the client side, which removes the possibility of SSRF exploitation.

Exploit

Fix

SSRF


Weakness Enumeration

Related Identifiers

CVE-2025-27501
GHSA-FQXH-VFV5-8QJP

Affected Products

Openziti