CVE-2025-52163 | THREATINT

Description

A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows attackers to forcefully initiate connections to arbitrary internal and external resources via a crafted request. This can lead to sensitive data exposure.

PUBLISHED Reserved 2025-06-16 | Published 2025-07-18 | Updated 2025-07-18 | Assigner mitre

References

agorum.com

herolab.usd.de/security-advisories/usd-2025-0025/

cve.org (CVE-2025-52163)

nvd.nist.gov (CVE-2025-52163)

Download JSON