Server-Side Request Forgery Vulnerability in Bitdefender GravityZone
CVE-2025-2245

6.9 MEDIUM

Key Information:

Vendor:
Bitdefender
CVE Published:
4 April 2025

What is CVE-2025-2245?

A server-side request forgery vulnerability has been identified in the Bitdefender GravityZone Update Server when it operates in Relay Mode. The HTTP proxy listening on port 7074 uses an allowlist to control which outbound requests it will forward; however, it does not correctly filter hostnames that contain a null-byte sequence (%00). An attacker can craft a request for a hostname such as evil.com%00.bitdefender.com: the allowlist match succeeds on the trailing .bitdefender.com, while the request is effectively directed at evil.com, the part before the null byte. As a result, the proxy can be made to forward requests to unintended external or internal destinations, exposing systems it can reach to further attack.
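The following is an added illustration of the bypass class described above; it is not Bitdefender's code and does not reproduce the Update Server's actual allowlist logic. It models a naive suffix-match check that decodes the hostname and compares the whole string (so a %00 in the middle is just another character), beside a C-string view that stops at the first NUL, which is how a NUL-terminated resolver or connect call would see the same host. The hardened variant validates the decoded hostname against the RFC 1123 label grammar before matching. The allowlist domain, the sample hostnames and the function names are all constructed for the example.

```python
import re
from urllib.parse import unquote

# Constructed allowlist standing in for the relay proxy's real one (assumption).
ALLOWED_DOMAIN = "bitdefender.com"


def vulnerable_is_allowed(raw_host: str) -> bool:
    """Allowlist check with the flaw the advisory describes: it decodes the
    hostname and compares the *whole* string, so a NUL byte in the middle
    is just another character and the suffix match still passes."""
    host = unquote(raw_host).lower()
    return host == ALLOWED_DOMAIN or host.endswith("." + ALLOWED_DOMAIN)


def c_string_view(host: str) -> str:
    """What a NUL-terminated C API (the resolver, a socket connect) sees:
    everything after the first \\x00 is silently dropped."""
    return host.split("\x00", 1)[0]


def effective_target(raw_host: str) -> str:
    """Host the proxy would actually contact after the check has passed."""
    return c_string_view(unquote(raw_host))


# RFC 1123 hostname: 1..63-char alphanumeric/hyphen labels, ASCII only.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_HOSTNAME_RE = re.compile(rf"^(?:{_LABEL}\.)+[a-z]{{2,63}}$")


def hardened_is_allowed(raw_host: str) -> bool:
    """Decode once, canonicalise, then refuse anything that is not a
    syntactically valid hostname *before* doing the suffix match. A NUL,
    a stray '%', whitespace or a second encoding layer all fail here."""
    host = unquote(raw_host).lower().rstrip(".")
    if "\x00" in host or len(host) > 253 or not _HOSTNAME_RE.fullmatch(host):
        return False
    return host == ALLOWED_DOMAIN or host.endswith("." + ALLOWED_DOMAIN)


def evaluate(raw_host: str) -> dict:
    """Return both verdicts plus the host that would really be contacted."""
    return {
        "raw": raw_host,
        "vulnerable_allows": vulnerable_is_allowed(raw_host),
        "hardened_allows": hardened_is_allowed(raw_host),
        "connects_to": effective_target(raw_host),
    }


if __name__ == "__main__":
    # Constructed sample requests, including the %00 bypass from the advisory.
    for h in ("update.bitdefender.com", "evil.com%00.bitdefender.com",
              "evil.com%2500.bitdefender.com", "bitdefender.com.evil.com",
              "notbitdefender.com"):
        r = evaluate(h)
        print(f"{r['raw']:32} vuln={r['vulnerable_allows']!s:5} "
              f"hardened={r['hardened_allows']!s:5} -> {r['connects_to']}")
```

The hardened check only fixes hostname validation. It does nothing about where an allowed name resolves to, so a proxy that must not reach internal networks still needs to resolve the name itself, reject private and link-local addresses, and connect to the address it checked rather than resolving a second time.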

Affected Version(s)

GravityZone Update Server, all versions before 3.5.2.689

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability reserved

  • Vulnerability published: 4 April 2025

Credit

Nicolas Verdier (@n1nj4sec)