CVE-2025-10695

5.3 MEDIUM

📋 TL;DR

CVE-2025-10695 is a Server-Side Request Forgery (SSRF) vulnerability in OpenSupports: diagnostic endpoints that need no login let an unauthenticated attacker make the server issue network requests to attacker-chosen targets. The OpenSupports host thereby becomes a proxy for scanning the internal network and talking to internal services that trust it. Only OpenSupports version 4.11.0 is affected.

💻 Affected Systems

Products:
  • OpenSupports
Versions: 4.11.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects version 4.11.0 specifically. The diagnostic endpoints are registered with the 'any' permission in the default configuration, i.e. they are reachable without a login; no setting has to be changed to expose them.

📦 What is this software?

OpenSupports is an open-source help-desk ticketing system with a PHP API and a React front end. It is usually deployed on a LAMP-style stack and exposed to the internet so that customers can open and follow tickets, which is why an SSRF in it typically gives an outside attacker a foothold inside the hosting network.
⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could access internal services, exfiltrate sensitive data, or pivot to other internal systems by exploiting vulnerable services reachable from the OpenSupports server.

🟠

Likely Case

Internal network reconnaissance, scanning for open ports/services, and potentially accessing internal APIs or services that don't require authentication.

🟢

If Mitigated

Limited to network scanning capabilities if internal services are properly secured with authentication and network segmentation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation needs no account and no special tooling: plain HTTP requests to the diagnostic endpoints are enough.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.11.1 or later

Vendor Advisory: https://github.com/opensupports/opensupports

Restart Required: Yes

Instructions:

1. Back up your OpenSupports installation (including your configuration file and uploaded attachments) and the database.
2. Download OpenSupports 4.11.1 or later from GitHub.
3. Replace the existing installation files with the new version, keeping your configuration file and uploads.
4. Restart the web server and PHP-FPM (if used) so no cached copy of the old code keeps serving.
5. Verify the fix by checking the version, and confirm with an unauthenticated request that the diagnostic endpoints are no longer served.

🔧 Temporary Workarounds

Block Diagnostic Endpoints

all

Use the web server configuration to deny access to the vulnerable diagnostic endpoints. `/diagnostic-endpoint` below is a placeholder: substitute the real request path(s) of the endpoints, taken from the vendor's 4.11.1 fix. Note that this also removes the endpoints for legitimate administrators, and that in an `.htaccess` (per-directory) context the rewrite pattern must be written without the leading slash.

# Apache (vhost context, with RewriteEngine On):
RewriteRule ^/diagnostic-endpoint - [F]
# Nginx:
location ~ ^/diagnostic-endpoint { return 403; }

Network Segmentation

linux

Restrict outbound connections from the OpenSupports server. Blocking only ports 80 and 443 for the whole host is both too broad (it breaks the host's own updates and outbound mail) and too narrow (SSRF can target any port). Scope the rules to the web server's user instead and deny the destinations an SSRF is used for: loopback, the cloud metadata address and the RFC 1918 ranges. `www-data` and the local MySQL port 3306 are assumptions; adjust them to your deployment and put any other required exceptions before the DROP rules.

# Scoped to the web server user so the host's own updates and mail keep working
iptables -A OUTPUT -m owner --uid-owner www-data -o lo -p tcp --dport 3306 -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner www-data -d 127.0.0.0/8,169.254.169.254 -j DROP
iptables -A OUTPUT -m owner --uid-owner www-data -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation to limit the OpenSupports server's outbound network access
  • Deploy a web application firewall (WAF) with SSRF protection rules

🔍 How to Verify

Check if Vulnerable:

Check whether the instance runs OpenSupports 4.11.0 by examining the version files or the admin panel. Then request the diagnostic endpoints without any session: if they are served, the instance is vulnerable. Point the request at a host you control (an HTTP listener), not at internal addresses, so that a callback proves exposure without touching anything else.

Check Version:

Check the version.php file or the admin panel. For the CLI, restrict the search to code and metadata files so that log and ticket data do not produce false matches: grep -rn --include='*.php' --include='*.json' '4\.11\.0' /path/to/opensupports/

Verify Fix Applied:

Verify version is 4.11.1 or later. Test that diagnostic endpoints now require authentication or return 403/404 errors.
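The version check and the unauthenticated probe described above, as an added example that is not code from OpenSupports or from this advisory. Everything deployment-specific is an assumption here: the endpoint path and the name of the parameter carrying the target URL must be taken from the vendor's 4.11.1 fix and supplied by the operator, and the API is assumed to answer JSON with a top-level "status" field of "success" or "fail".

```python
"""Unauthenticated probe and version check for CVE-2025-10695.

Added example, not OpenSupports code. Assumed (not from the advisory):
endpoint path and parameter names are supplied by the operator; the API
answers JSON with a top-level "status" of "success" or "fail".
"""
import json
import urllib.error
import urllib.parse
import urllib.request

AFFECTED_VERSIONS = {(4, 11, 0)}  # the advisory: only 4.11.0 is affected


def parse_version(text):
    """'4.11.0' or 'v4.11.0' -> (4, 11, 0)."""
    return tuple(int(p) for p in text.strip().lstrip("v").split("."))


def is_affected_version(text):
    return parse_version(text) in AFFECTED_VERSIONS


def classify_response(status, body):
    """Map an unauthenticated response to blocked / refused / exposed / unknown."""
    if status in (401, 403, 404):
        return "blocked"   # web-server or WAF rule hit, or endpoint removed
    try:
        doc = json.loads(body.decode("utf-8", "replace"))
    except ValueError:
        return "unknown"
    if isinstance(doc, dict) and doc.get("status") == "fail":
        return "refused"   # permission check applied, or parameters rejected
    if isinstance(doc, dict) and doc.get("status") == "success":
        return "exposed"   # served without any session: still vulnerable
    return "unknown"


def http_post(url, data, timeout):
    """Real transport: form-encoded POST, no cookies, no session token."""
    req = urllib.request.Request(
        url, data=urllib.parse.urlencode(data).encode(), method="POST")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.read()


def probe(base_url, endpoint_path, params, transport=http_post, timeout=10):
    """Send one unauthenticated request and classify the answer.

    `params` (operator-supplied names) should point the SSRF target at a
    listener you control, e.g. {"url": "http://canary.example/"}, never at
    internal addresses. `transport` is injectable so the logic can be
    exercised offline.
    """
    status, body = transport(base_url.rstrip("/") + endpoint_path, params, timeout)
    return status, classify_response(status, body)


if __name__ == "__main__":
    print(is_affected_version("4.11.0"), is_affected_version("4.11.1"))
    # Example call (endpoint path and parameter name are placeholders):
    # print(probe("https://support.example", "/api/diagnostic",
    #             {"url": "http://canary.example/"}))
```

A "refused" result on a 4.11.0 host is not proof of a fix on its own: the same answer comes back when the parameter names are wrong. Treat the combination of "refused" plus no callback at the canary listener as fixed, and any callback at the listener as exposed regardless of what the API said.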

📡 Detection & Monitoring

Log Indicators:

  • Unusual requests to diagnostic endpoints from external IPs
  • Requests to the diagnostic endpoints from sources that never logged in (the exploit needs no session, so do not expect failed logins beforehand), especially bursts of such requests from one IP

Network Indicators:

  • Outbound connections from OpenSupports server to internal IP ranges
  • Port scanning patterns originating from the OpenSupports server

SIEM Query:

source="web_server_logs" AND (uri="/diagnostic-endpoint" OR uri="/api/diagnostic") AND status="200"

The two URI values are placeholders: replace them with the real endpoint paths from the vendor's 4.11.1 fix. If the API signals a refused request in the JSON body rather than in the HTTP status, the status filter alone will not separate served from refused requests; add the response size or body to the query, and exclude your own administrators' source addresses to cut noise.
