CVE-2025-50125

Medium CVSS 6.3

Overview

CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote
code execution when the server is accessed via the network with knowledge of hidden URLs and manipulation
of host request header.

CWE: CWE-918 Published: 2025-07-11T11:15:23.750

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.3 (MEDIUM)
Detected tags: rce, ssrf (tag impact: VERY HIGH)

Recommended actions:

Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.
Deny access to internal/metadata addresses; use outbound allowlists.

Overview

Recommended tools

Tags