CVE-2025-36845

EPSS 4.46% · P89 Updated Jul 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-36845

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An issue was discovered in Eveo URVE Web Manager 27.02.2025. The endpoint /_internal/redirect.php allows for Server-Side Request Forgery (SSRF). The endpoint takes a URL as input, sends a request to this address, and reflects the content in the response. This can be used to request endpoints only reachable by the application server.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Eveo URVE Web Manager 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Eveo URVE Web Manager是波兰Eveo公司的一个数字标牌管理平台。 Eveo URVE Web Manager 27.02.2025版本存在安全漏洞，该漏洞源于端点/_internal/redirect.php允许服务器端请求伪造。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2025-36845

#	POC Description	Source Link	Shenlong Link
1	Eveo URVE Web Manager 27.02.2025 contains a server-side request forgery caused by improper validation of URL input in /_internal/redirect.php, letting attackers make requests to internal endpoints, exploit requires crafted URL input.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-36845.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-36845

请登录查看更多情报信息。

Same Patch Batch · n/a · 2025-07-21 · 37 CVEs total

CVE-2025-43720		Headwind MDM 安全漏洞
CVE-2025-46122		CommScope Ruckus Unleashed 安全漏洞
CVE-2025-46123		CommScope多款产品安全漏洞
CVE-2025-46121		CommScope Ruckus Unleashed 安全漏洞
CVE-2025-46117		CommScope Ruckus Unleashed 安全漏洞
CVE-2025-46120		CommScope Ruckus Unleashed和CommScope Ruckus ZoneDirector 安全漏洞
CVE-2025-46118		CommScope Ruckus Unleashed 安全漏洞
CVE-2025-46119		CommScope Ruckus Unleashed 安全漏洞
CVE-2025-46116		CommScope Ruckus Unleashed 安全漏洞
CVE-2025-51398		live helper chat 安全漏洞
CVE-2025-43976		com.enflick.android.tn2ndLine 安全漏洞
CVE-2025-43977		SKTelecom com.skt.prod.dialer 安全漏洞
CVE-2025-52362		phproxy 安全漏洞
CVE-2025-52372		hMailServer 安全漏洞
CVE-2025-52374		hMailServer 安全漏洞
CVE-2025-52373		hMailServer 安全漏洞
CVE-2024-55040		Sensaphone WEB600 Monitoring System 安全漏洞
CVE-2020-26799		LuxSoft Luxcal 安全漏洞
CVE-2025-44654		Linksys E2500 安全漏洞
CVE-2025-44652		NETGEAR RAX30 安全漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2025-36845

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-36845

I. Basic Information for CVE-2025-36845

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-36845

III. Intelligence Information for CVE-2025-36845

Same Patch Batch · n/a · 2025-07-21 · 37 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-36845

Leave a comment