CVE-2025-1300
📋 TL;DR
CodeChecker web server versions through 6.24.5 contain an open redirect vulnerability that allows attackers to redirect users to malicious websites. This occurs due to insufficient validation of multiple slashes in URLs, which bypasses previous security fixes. Organizations using vulnerable CodeChecker installations are affected.
💻 Affected Systems
- CodeChecker
📦 What is this software?
Codechecker by Ericsson
⚠️ Risk & Real-World Impact
Worst Case
Attackers could redirect authenticated users to phishing sites to steal credentials or deliver malware, potentially leading to full system compromise.
Likely Case
Attackers use the redirect in phishing campaigns to trick users into visiting malicious sites, potentially stealing session tokens or credentials.
If Mitigated
With proper network segmentation and user awareness training, impact is limited to potential phishing attempts that users should recognize.
🎯 Exploit Status
Exploitation requires user interaction (clicking a link) but is technically simple to execute.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 6.24.6 or later
Vendor Advisory: https://github.com/Ericsson/codechecker/security/advisories/GHSA-g839-x3p3-g5fm
Restart Required: Yes
Instructions:
1. Update CodeChecker to version 6.24.6 or later.
2. Restart the CodeChecker web server.
3. Verify the fix by testing the vulnerable URL pattern.
🔧 Temporary Workarounds
Web Server URL Filtering
Configure the reverse proxy or web server to reject URLs that contain multiple slashes after the product name.
# Example nginx configuration (inside the server block). nginx collapses
# adjacent slashes before location matching unless merge_slashes is off,
# so the regex below only fires with that directive set. Replace
# "codechecker" with the product name(s) served by your instance:
merge_slashes off;
location ~* ^/codechecker//+ { return 403; }
Network Segmentation
Restrict access to the CodeChecker web interface to trusted networks only.
# Example firewall rule (iptables). Replace trusted_network with your CIDR
# (e.g. 10.0.0.0/8); 8001 is the CodeChecker default listen port. Use -I
# instead of -A if an earlier rule already ACCEPTs traffic on that port.
iptables -A INPUT -p tcp --dport 8001 -s trusted_network -j ACCEPT
iptables -A INPUT -p tcp --dport 8001 -j DROP
🧯 If You Can't Patch
- Implement strict Content Security Policy (CSP) headers to restrict redirect destinations
- Deploy web application firewall (WAF) rules to detect and block open redirect attempts
🔍 How to Verify
Check if Vulnerable:
Test whether accessing http://[codechecker-host]/codechecker//example.com redirects to example.com
Check Version:
codechecker-server --version
Verify Fix Applied:
After patching, the same test URL should return an error or a normal page instead of redirecting
📡 Detection & Monitoring
Log Indicators:
- HTTP 302 redirect responses whose Location header points to an external domain
- Request URLs containing multiple slashes after '/codechecker/'
Network Indicators:
- Outbound HTTP requests from CodeChecker server to unexpected domains following redirect patterns
SIEM Query:
source="codechecker" AND (url="*/codechecker//*" OR status=302)
(match on the path segment rather than a bare "*//*", which would also hit the "//" in every "http://" prefix)
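As an added example (not code from the advisory or from the CodeChecker project), the script below applies the two log indicators above to constructed access-log lines: it flags request paths with two or more slashes right after the product segment, and 3xx responses whose Location header leaves your own host names. The log layout is assumed: nginx/Apache "combined" format with the response Location header appended as one extra quoted field (adjust `LOG_RE` to your real format). The `is_external_redirect` helper also serves the "Verify Fix Applied" step: feed it the status code and Location header of the test response and it should return `False` on a patched server.

```python
"""Flag CodeChecker open-redirect indicators in web-server access logs.

Added example; assumes a "combined" log line followed by one extra quoted
field holding the response Location header ("-" when absent).
"""
import re
from urllib.parse import urlsplit

# Constructed sample lines (not real traffic). Line 1 is a successful open
# redirect, line 2 a normal login redirect, line 3 a request blocked by the
# reverse-proxy workaround, line 4 ordinary product traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Feb/2025:10:01:02 +0000] "GET /codechecker//example.com HTTP/1.1" 302 0 "-" "curl/8.4" "http://example.com/"
10.0.0.6 - - [12/Feb/2025:10:01:03 +0000] "GET /codechecker/ HTTP/1.1" 302 0 "-" "Mozilla/5.0" "/codechecker/login"
10.0.0.7 - - [12/Feb/2025:10:01:04 +0000] "GET /codechecker///evil.test/ HTTP/1.1" 403 0 "-" "Mozilla/5.0" "-"
10.0.0.8 - - [12/Feb/2025:10:01:05 +0000] "GET /Default/runs HTTP/1.1" 200 512 "-" "Mozilla/5.0" "-"
"""

# combined format + trailing quoted Location field (assumed layout).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "[^"]*" "(?P<location>[^"]*)"$'
)

# Two or more slashes immediately after the first path segment, i.e. after
# the product name ("/codechecker//...", "/Default///...").
MULTI_SLASH_RE = re.compile(r'^/[^/]+//+')

REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def is_external_redirect(status, location, own_hosts):
    """True when a redirect's Location leads away from our own host names.

    Path-relative targets ("/codechecker/login") are internal. Anything with
    a scheme or authority (including protocol-relative "//host/...") is
    external unless its hostname is one of own_hosts.
    """
    if status not in REDIRECT_STATUSES or not location or location == "-":
        return False
    parts = urlsplit(location)
    if not parts.scheme and not parts.netloc:
        return False  # path-relative redirect
    return parts.hostname not in own_hosts


def scan_log(text, own_hosts):
    """Return one finding per suspicious line, with the reasons it matched."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        path, status, loc = m["path"], int(m["status"]), m["location"]
        reasons = []
        if MULTI_SLASH_RE.match(path):
            reasons.append("multi-slash-path")
        if is_external_redirect(status, loc, own_hosts):
            reasons.append("external-redirect")
        if reasons:
            findings.append({"ip": m["ip"], "ts": m["ts"], "path": path,
                             "status": status, "location": loc,
                             "reasons": reasons})
    return findings


if __name__ == "__main__":
    # "codechecker.internal" is a constructed own-host name.
    for f in scan_log(SAMPLE_LOG, {"codechecker.internal"}):
        print(f"{f['ts']} {f['ip']} {f['status']} {f['path']} "
              f"-> {f['location']} [{', '.join(f['reasons'])}]")
```

A 403 with a multi-slash path (line 3) is still reported: it shows the workaround is being exercised and is worth counting, while a plain 302 to a relative path is not, which is what keeps the rule quieter than a bare `status=302` search.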