CVE-2025-10329

6.3 MEDIUM

📋 TL;DR

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in cdevroe unmark up to version 1.9.3. Attackers can manipulate the 'url' parameter in /application/controllers/Marks.php to make the server send unauthorized requests to internal or external systems. Users running unmark versions up to 1.9.3 are affected.

💻 Affected Systems

Products:
  • cdevroe unmark
Versions: up to 1.9.3
Operating Systems: All platforms running unmark
Default Config Vulnerable: ⚠️ Yes
Notes: All installations up to version 1.9.3 are vulnerable by default.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could access internal services, exfiltrate sensitive data, or pivot to other systems by exploiting the server's network position.

🟠 Likely Case

Information disclosure from internal services, potential data exfiltration, or scanning of internal network resources.

🟢 If Mitigated

Limited impact if proper network segmentation and input validation are in place.

🌐 Internet-Facing: HIGH - Attack can be launched remotely without authentication.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this to pivot or access restricted services.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof-of-concept exists in a GitHub repository. Exploitation requires sending crafted requests to the vulnerable endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.9.4 or later

Vendor Advisory: Not provided by vendor

Restart Required: No

Instructions:

1. Update unmark to version 1.9.4 or later.
2. If unmark was installed through a package manager, run that manager's update command.
3. Verify the fix by checking the installed version.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Implement strict URL validation to block SSRF attempts.

Implement a whitelist of allowed URL schemes and domains in application code.
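As an added illustration of the allowlist filter described above (example code written for this page, not part of unmark; unmark is a PHP application, Python is used here because the check itself is language-independent): the guard inspects the scheme, embedded credentials, an optional host allowlist and every address the host resolves to before any server-side fetch is made. The `CONSTRUCTED_DNS` table and the hostnames in it are made-up values so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
CONSTRUCTED_DNS = {  # constructed offline name table for this example, not real DNS data
    "example.com": {"93.184.216.34"}, "localhost": {"127.0.0.1"},
    "metadata.internal": {"169.254.169.254"},
    "intranet.corp": {"10.0.0.5", "93.184.216.35"},  # one private answer among public ones
}

def table_resolver(host):
    """Offline stand-in for DNS; raises OSError like socket.getaddrinfo does."""
    if host not in CONSTRUCTED_DNS:
        raise OSError(f"no such host: {host}")
    return CONSTRUCTED_DNS[host]

def live_resolver(host):
    """Real DNS: collect every A/AAAA answer so a partly private set is caught."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_public_address(text):
    """True only for globally routable unicast addresses (IPv4-mapped IPv6 unwrapped)."""
    ip = ipaddress.ip_address(text)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global and not ip.is_multicast

def check_outbound_url(url, resolver=live_resolver, allowed_hosts=None):
    """Return (ok, reason, addresses); connect to a returned address, don't re-resolve."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", set()
    if parts.username is not None or parts.password is not None:
        return False, "credentials in URL not allowed", set()
    host = parts.hostname
    if not host:
        return False, "missing host", set()
    if allowed_hosts is not None and host not in allowed_hosts:
        return False, "host not on allowlist", set()
    try:
        addresses = {str(ipaddress.ip_address(host))}  # literal IP, no lookup needed
    except ValueError:
        try:
            addresses = set(resolver(host))
        except OSError:
            return False, "name resolution failed", set()
    if not addresses or not all(is_public_address(a) for a in addresses):
        return False, "resolves to a non-public address", set()
    return True, "ok", addresses
```

The caller should open the connection to one of the returned addresses (keeping the original Host header) instead of resolving the name a second time, otherwise a DNS rebinding can change the target after validation.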

Network Segmentation (applies to: all)

Restrict outbound network access from the unmark server.

Configure firewall rules to block outbound HTTP/HTTPS from the unmark server except to required services.

🧯 If You Can't Patch

  • Implement Web Application Firewall (WAF) rules to block SSRF patterns
  • Monitor and alert on unusual outbound requests from the unmark server

🔍 How to Verify

Check if Vulnerable:

Check whether the installed unmark version is 1.9.3 or earlier. Test by sending an SSRF payload to the /application/controllers/Marks.php endpoint.

Check Version:

Check the unmark version in the admin panel or in the configuration files.

Verify Fix Applied:

Verify that the installed version is 1.9.4 or later; test SSRF payloads should then be rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from unmark server
  • Requests to internal IP addresses or localhost
  • Multiple failed URL validation attempts

Network Indicators:

  • Outbound HTTP requests from unmark server to unexpected destinations
  • Requests to internal network ranges

SIEM Query:

source_ip=unmark_server AND (dest_ip=127.0.0.0/8 OR dest_ip=10.0.0.0/8 OR dest_ip=172.16.0.0/12 OR dest_ip=192.168.0.0/16)

🔗 References