CVE-2025-48739

Published: May 23, 2025

Modified: May 23, 2025

PUBLISHED

Description

A Server-Side Request Forgery (SSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows remote authenticated attackers with admin permissions (allowing them to access specific API endpoints) to manipulate URLs to direct requests to unexpected hosts or ports. This allows the attacker to use a TheHive server as a proxy to reach internal or otherwise restricted resources. This could be exploited to access other servers on the internal network.

Vendor	Product	Versions
StrangeBee	TheHive	affected `5.2.0 - < 5.2.16` affected `5.3.0 - < 5.3.11` affected `5.4.0 - < 5.4.10` affected `5.5.0 - < 5.5.1`

Weaknesses (CWE)

CWE-918

References

https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2025-002.md

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-48739

Description

Affected Products

Weaknesses (CWE)

References