{"id":59685,"date":"2025-07-27T16:33:33","date_gmt":"2025-07-27T16:33:33","guid":{"rendered":""},"modified":"2025-10-06T05:35:34","modified_gmt":"2025-10-06T11:35:34","slug":"cve-2025-36845-server-side-request-forgery-ssrf-vulnerability-in-eveo-urve-web-manager","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-36845-server-side-request-forgery-ssrf-vulnerability-in-eveo-urve-web-manager\/","title":{"rendered":"<strong>CVE-2025-36845: Server-Side Request Forgery (SSRF) Vulnerability in Eveo URVE Web Manager<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>A critical vulnerability, identified as CVE-2025-36845, has been discovered in Eveo URVE Web Manager, version 27.02.2025. This vulnerability, a Server-Side Request Forgery (SSRF), poses a significant risk to any organization using the affected software due to its potential for system compromise and data leakage. Given the high CVSS severity score of 8.6, immediate action is required to mitigate this risk and protect sensitive data and <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-36600-dell-bios-improper-access-control-vulnerability-allows-potential-system-compromise\/\"  data-wpil-monitor-id=\"70162\">systems from potential<\/a> exploitation.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-36845<br \/>\nSeverity: Critical (CVSS 8.6)<br \/>\nAttack Vector: Network<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: None<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-27050-memory-corruption-vulnerability-leading-to-potential-system-compromise-and-data-leakage\/\"  data-wpil-monitor-id=\"74872\">Potential system compromise or data<\/a> leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p><div id=\"ameeb-1770430152\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 700px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 20px; font-weight: 600; display: flex; align-items: center;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 8px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 40px; height: 40px;\" \/>\r\n    <\/a>\r\n    A new way to communicate\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 12px;\">\r\n    Ameeba Chat is built on encrypted identity, not personal profiles.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 16px;\">\r\n    Message, call, share files, and coordinate with identities kept separate.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 20px;\">\r\n    <li>\u2022 Encrypted identity<\/li>\r\n    <li>\u2022 Ameeba Chat authenticates access<\/li>\r\n    <li>\u2022 Aliases and categories<\/li>\r\n    <li>\u2022 End-to-end encrypted chat, calls, and files<\/li>\r\n    <li>\u2022 Secure notes for sensitive information<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px;\">\r\n    Private communication, rethought.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Download Ameeba Chat<\/a>\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Learn More<\/a>\r\n  <\/div>\r\n<\/div>\r\n<\/div>\n<p>Product | Affected Versions<\/p>\n<p>Eveo URVE <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-58159-remote-code-execution-vulnerability-in-wegia-web-manager-for-charitable-institutions\/\"  data-wpil-monitor-id=\"85479\">Web Manager<\/a> | Version 27.02.2025<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-9712-critical-remote-code-execution-vulnerability-in-ivanti-endpoint-manager\/\"  data-wpil-monitor-id=\"89113\">vulnerability resides in the \/_internal\/redirect.php endpoint<\/a>. This endpoint accepts a URL as an input, sends a request to this address, and then reflects the content in the response. <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-42959-unauthenticated-replay-attack-exploiting-hmac-reuse\/\"  data-wpil-monitor-id=\"74873\">Attackers can exploit<\/a> this by providing a URL of a sensitive internal resource, which would normally be unreachable from the outside network, leading to SSRF. This <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-41666-watchdog-file-replacement-vulnerability-allowing-remote-access-and-control\/\"  data-wpil-monitor-id=\"66747\">allows the attacker to bypass firewalls and gain access<\/a> to the internal network, potentially leading to system compromise or data leakage.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p><div id=\"ameeb-898391260\" class=\"ameeb-content ameeb-entity-placement\"><div class=\"poptin-embedded\" data-id=\"f6b387694f681\"><\/div>\r\n\r\n\r\n\r\n\r\n\r\n<\/div>\n<p>The following is a conceptual HTTP <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-8243-critical-buffer-overflow-vulnerability-in-totolink-x15-http-post-request-handler\/\"  data-wpil-monitor-id=\"70163\">request<\/a> that demonstrates how an attacker might exploit this vulnerability:<\/p>\n<pre><code class=\"\" data-line=\"\">GET \/_internal\/redirect.php?url=http:\/\/internal-sensitive-resource HTTP\/1.1\nHost: vulnerable.example.com\nContent-Type: application\/json<\/code><\/pre>\n<p>The &#8220;url&#8221; parameter is manipulated to request a <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-57157-unauthorised-access-to-sensitive-apis-in-jantent-v1-1\/\"  data-wpil-monitor-id=\"81743\">sensitive internal resource that should not be accessible<\/a> from outside. The server then performs the request and returns the response, giving the attacker <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-50060-critical-data-access-vulnerability-in-oracle-bi-publisher\/\"  data-wpil-monitor-id=\"70161\">access to the sensitive data<\/a>.<\/p>\n<p><strong>Mitigation and Prevention<\/strong><\/p>\n<p>Organizations are advised to apply the vendor-supplied patch immediately. If this is not possible, the use of a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can provide temporary mitigation against the exploit. Regularly updating and patching systems is <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-7096-critical-vulnerability-in-comodo-internet-security-premium-12-3-4-8162\/\"  data-wpil-monitor-id=\"66746\">critical for maintaining a strong security<\/a> posture.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview A critical vulnerability, identified as CVE-2025-36845, has been discovered in Eveo URVE Web Manager, version 27.02.2025. This vulnerability, a Server-Side Request Forgery (SSRF), poses a significant risk to any organization using the affected software due to its potential for system compromise and data leakage. Given the high CVSS severity score of 8.6, immediate action [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[101],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-59685","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-ssrf"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/59685","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=59685"}],"version-history":[{"count":6,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/59685\/revisions"}],"predecessor-version":[{"id":81936,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/59685\/revisions\/81936"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=59685"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=59685"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=59685"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=59685"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=59685"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=59685"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=59685"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=59685"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=59685"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}