CVE-2024-11955

4.3 MEDIUM

📋 TL;DR

This CVE describes an open redirect vulnerability in GLPI versions up to 10.0.17. Attackers can manipulate the 'redirect' parameter in /index.php to redirect users to malicious websites. All GLPI installations up to version 10.0.17 are affected.

💻 Affected Systems

Products:
  • GLPI
Versions: up to 10.0.17
Operating Systems: All platforms running GLPI
Default Config Vulnerable: ⚠️ Yes
Notes: All GLPI installations using affected versions are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Users could be redirected to phishing sites that steal credentials or deliver malware, potentially leading to account compromise or system infection.

🟠 Likely Case

Attackers use the redirect for phishing campaigns, tricking users into visiting malicious sites that appear legitimate.

🟢 If Mitigated

With proper user awareness training and browser security settings, users might recognize suspicious redirects before providing sensitive information.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available and require minimal technical skill to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.0.18

Vendor Advisory: https://github.com/glpi-project/glpi/security/advisories/GHSA-g5fm-jq4j-c2c7

Restart Required: No

Instructions:

1. Back up your GLPI installation and database.
2. Download GLPI 10.0.18 from the official releases page.
3. Replace the existing GLPI files with the new version.
4. Run the update script if prompted.
5. Verify the installation is working correctly.

🔧 Temporary Workarounds

Input Validation Filter (platform: all)

Implement server-side validation to restrict redirect URLs to trusted domains only.

Web Application Firewall Rule (platform: all)

Configure WAF to block requests containing external URLs in the redirect parameter.

🧯 If You Can't Patch

  • Implement strict Content Security Policy (CSP) headers to restrict redirect destinations
  • Monitor web server logs for suspicious redirect parameter patterns

🔍 How to Verify

Check if Vulnerable:

Check your GLPI version by logging into the admin panel and viewing the version information, or check the GLPI configuration files.

Check Version:

Check the GLPI admin dashboard or examine the inc/config.php file for version information.

Verify Fix Applied:

After upgrading to 10.0.18, test the redirect functionality with external URLs to confirm they are blocked or sanitized.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /index.php with redirect parameter containing external domains
  • Unusual redirect patterns in access logs

Network Indicators:

  • Outbound connections to unexpected domains following GLPI access

SIEM Query:

source="web_server" AND uri="/index.php" AND query="*redirect=*" AND NOT query="*redirect=internal*"
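The two defensive pieces described on this page, the server-side allow-list check from the "Input Validation Filter" workaround and the log review from "Log Indicators", share the same core question: does a redirect target stay on our own site? The block below is an added example written for this page, not code from GLPI or its maintainers. It shows a naive "starts with /" check beside a hardened validator that handles protocol-relative, backslash, userinfo and non-HTTP targets, and then reuses that validator to flag suspicious requests in access-log lines. The host name `glpi.example.internal`, the log lines and the function names are constructed for illustration.

```python
"""Open-redirect defences for a 'redirect' query parameter (added example).

  1. is_safe_redirect(): allow-list validation of a redirect target
     (the 'Input Validation Filter' workaround on this page).
  2. scan_access_log(): flags access-log requests to /index.php whose
     redirect parameter points off-site (the 'Log Indicators' section).

Nothing here is GLPI's own code; hosts, paths and log lines are constructed.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Hypothetical: the host names this GLPI instance is legitimately served on.
ALLOWED_HOSTS = {"glpi.example.internal"}


def naive_is_safe(target: str) -> bool:
    """A common but insufficient check: 'starts with / so it is local'.
    It wrongly accepts protocol-relative URLs such as //attacker.example."""
    return target.startswith("/")


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Accept only a same-site relative path or an absolute http(s) URL
    whose host is on the allow-list; reject everything else."""
    if not target or any(c in target for c in "\r\n\x00"):
        return False
    # Browsers treat a backslash like a slash when parsing the authority,
    # so normalise before inspecting ('/\\host' would otherwise look local).
    normalised = target.replace("\\", "/")
    try:
        parts = urlsplit(normalised)
    except ValueError:           # e.g. malformed IPv6 literal
        return False
    if parts.scheme == "" and parts.netloc == "":
        # Relative reference: exactly one leading slash, so that a
        # protocol-relative '//host/path' cannot pass as a local path.
        return normalised.startswith("/") and not normalised.startswith("//")
    if parts.scheme.lower() not in ("http", "https"):
        return False
    # .hostname drops userinfo and port, so 'https://trusted@evil' is
    # judged by its real host ('evil'), not by the decoy before the '@'.
    return (parts.hostname or "").lower() in allowed_hosts


# Constructed access-log lines in the common log format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [10/Jan/2025:08:01:12 +0000] "GET /index.php?redirect=/front/central.php HTTP/1.1" 302 0
10.0.0.5 - - [10/Jan/2025:08:02:40 +0000] "GET /index.php?redirect=https://glpi.example.internal/front/ticket.php HTTP/1.1" 302 0
203.0.113.9 - - [10/Jan/2025:08:03:01 +0000] "GET /index.php?redirect=//attacker.example/login HTTP/1.1" 302 0
203.0.113.9 - - [10/Jan/2025:08:03:05 +0000] "GET /index.php?redirect=https%3A%2F%2Fattacker.example%2Fglpi HTTP/1.1" 302 0
10.0.0.7 - - [10/Jan/2025:08:04:00 +0000] "GET /front/central.php HTTP/1.1" 200 5120
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)


def scan_access_log(lines, allowed_hosts=ALLOWED_HOSTS):
    """Return (client_ip, timestamp, redirect_target) for every request to
    /index.php whose redirect parameter fails is_safe_redirect()."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("uri"))
        if parts.path != "/index.php":
            continue
        # parse_qs percent-decodes values, so URL-encoded targets are caught.
        for target in parse_qs(parts.query).get("redirect", []):
            if not is_safe_redirect(target, allowed_hosts):
                hits.append((m.group("ip"), m.group("ts"), target))
    return hits


if __name__ == "__main__":
    for ip, ts, target in scan_access_log(SAMPLE_LOG.splitlines()):
        print(f"{ts} {ip} external redirect target: {target}")
```

The same `is_safe_redirect()` check doubles as a post-upgrade test harness for the "Verify Fix Applied" step: feed it the targets you intend to try against the patched instance and compare the application's behaviour with what the validator expects. The detector deliberately reuses the validator rather than a second regex, so the log review and the server-side filter cannot drift apart on what counts as "external".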
