CVE-2024-2465
📋 TL;DR
CVE-2024-2465 is an open redirection vulnerability in the CDeX application that allows attackers to redirect users to malicious websites via crafted URLs. This affects all CDeX application users running versions through 5.7.1, potentially leading to phishing attacks or malware distribution.
💻 Affected Systems
- CDeX application
📦 What is this software?
Cdex by Cdex
⚠️ Risk & Real-World Impact
Worst Case
Users are redirected to phishing sites that steal credentials or install malware, leading to account compromise, data theft, or ransomware infection.
Likely Case
Attackers use the vulnerability for phishing campaigns, tricking users into visiting malicious sites that mimic legitimate services to harvest credentials.
If Mitigated
With proper URL validation and user awareness training, impact is limited to unsuccessful redirection attempts with minimal damage.
🎯 Exploit Status
Open redirection vulnerabilities are commonly exploited in phishing campaigns and require minimal technical skill to weaponize.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.7.2 or later
Vendor Advisory: https://cdex.cloud/
Restart Required: Yes
Instructions:
1. Download the latest version from the official CDeX website.
2. Backup current configuration.
3. Install the update following vendor instructions.
4. Restart the application service.
🔧 Temporary Workarounds
Input Validation Filter
Implement server-side validation to reject URLs with external domains in redirection parameters
Configure web server or application firewall to filter redirect URLs containing external domains
Relative URL Enforcement
Modify application to only allow relative URLs for redirection
Update application code to parse and validate redirect URLs as relative paths only
🧯 If You Can't Patch
- Implement WAF rules to block requests with external URLs in redirection parameters
- Deploy network monitoring to detect and alert on suspicious redirect patterns
🔍 How to Verify
Check if Vulnerable:
Test by attempting to redirect to an external domain using application redirection functionality
Check Version:
Check application version in admin interface or configuration files
Verify Fix Applied:
After patching, test that external URL redirections are blocked and only relative/internal URLs work
📡 Detection & Monitoring
Log Indicators:
- HTTP requests with external URLs in redirect parameters
- Unusual redirect patterns in access logs
Network Indicators:
- Outbound connections to unexpected domains following application redirects
SIEM Query:
source="web_logs" AND (url CONTAINS "redirect=" OR url CONTAINS "url=") AND (url CONTAINS "http://" OR url CONTAINS "https://" OR url CONTAINS "http%3A%2F%2F" OR url CONTAINS "https%3A%2F%2F")
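The following is an added example, not CDeX code and not taken from the vendor advisory. It puts the two temporary workarounds above (reject external domains, allow only relative paths) and the log indicators from this section into one Python module: a request-time check that returns only a same-site path or an exactly allow-listed host, and a scanner that flags access-log requests whose redirect parameter decodes to an external URL. The parameter names in REDIRECT_PARAMS, the hostnames and the SAMPLE_LOG lines are constructed assumptions; the real CDeX redirect parameter name is not given on this page.

```python
"""Added example (not CDeX code): defender-side redirect checks.

Covers the "Temporary Workarounds" (allow only same-site relative targets,
or an exact allow-list of own hosts) and the "Detection & Monitoring" log
indicators (flag access-log requests whose redirect parameter carries an
external URL). REDIRECT_PARAMS, the hostnames and SAMPLE_LOG are constructed
for this example; the real CDeX parameter name is not given on the page.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Assumed parameter names; adjust to the application's real ones.
REDIRECT_PARAMS = ("redirect", "url", "next", "return_to")

# Common-log-format request line: "<METHOD> <target> HTTP/x.y"
_REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/')


def _has_unsafe_chars(target: str) -> bool:
    # Whitespace, control bytes and backslashes: browsers strip or normalise
    # some of these (e.g. "\" becomes "/"), so a naive prefix check is bypassable.
    return any(ord(ch) <= 0x20 or ord(ch) == 0x7F for ch in target) or "\\" in target


def is_safe_relative_target(target: str) -> bool:
    """True only for an absolute path on this site, e.g. "/account?tab=1"."""
    if not target or _has_unsafe_chars(target):
        return False
    # "//host" and "///host" both resolve to another origin in browsers.
    if target.startswith("//"):
        return False
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:  # "https://...", "javascript:..."
        return False
    return parts.path.startswith("/")


def is_allowed_target(target: str, allowed_hosts=()) -> bool:
    """Relative-path enforcement plus an exact host allow-list for https URLs."""
    if is_safe_relative_target(target):
        return True
    if _has_unsafe_chars(target):
        return False
    parts = urlsplit(target)
    if parts.scheme.lower() != "https":
        return False
    # .hostname drops userinfo and port, so "https://trusted@evil.example"
    # is checked as evil.example; exact match rejects "trusted.evil.example".
    host = (parts.hostname or "").lower()
    return host in {h.lower() for h in allowed_hosts}


def resolve_redirect(target: str, fallback: str = "/", allowed_hosts=()) -> str:
    """Request-time enforcement: return the target if allowed, else the fallback."""
    return target if is_allowed_target(target, allowed_hosts) else fallback


def find_external_redirects(log_lines, allowed_hosts=(), redirect_params=REDIRECT_PARAMS):
    """Detection: (client_ip, param, decoded_value) for each external redirect target."""
    hits = []
    for line in log_lines:
        match = _REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group("target")).query
        params = parse_qs(query, keep_blank_values=True)  # percent-decodes values
        client_ip = line.split(" ", 1)[0]
        for name in redirect_params:
            for value in params.get(name, []):
                if not is_allowed_target(value, allowed_hosts):
                    hits.append((client_ip, name, value))
    return hits


# Constructed sample access-log lines (not real CDeX traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /login?redirect=%2Fdashboard HTTP/1.1" 302 0',
    '10.0.0.6 - - [01/Jan/2024:10:00:01 +0000] "GET /login?redirect=https%3A%2F%2Fevil.example%2Flogin HTTP/1.1" 302 0',
    '10.0.0.7 - - [01/Jan/2024:10:00:02 +0000] "GET /login?redirect=%2F%2Fevil.example HTTP/1.1" 302 0',
    '10.0.0.8 - - [01/Jan/2024:10:00:03 +0000] "GET /login?url=https%3A%2F%2Fapp.example.net%2Fhome HTTP/1.1" 302 0',
    '10.0.0.9 - - [01/Jan/2024:10:00:04 +0000] "GET /static/app.js HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for hit in find_external_redirects(SAMPLE_LOG, allowed_hosts=("app.example.net",)):
        print("external redirect target:", hit)
```

The scanner decodes the query string once, as the application's framework would, which is why the percent-encoded "//evil.example" in the third sample line is caught; the SIEM query above matches only the raw encoded text, so the two checks complement each other. Run the module directly to see the two flagged requests from the sample log.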