CVE-2025-34504

6.1 MEDIUM

📋 TL;DR

KodExplorer 4.52 contains an open redirect vulnerability in the user login page. Attackers can manipulate the 'link' parameter to redirect authenticated users to malicious external websites. This affects all users of KodExplorer 4.52.

💻 Affected Systems

Products:
  • KodExplorer
Versions: 4.52
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the web application login functionality.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Users could be redirected to phishing sites that steal credentials or deliver malware after successful authentication.

🟠 Likely Case

Attackers use crafted URLs to redirect users to malicious sites for phishing or credential harvesting.

🟢 If Mitigated

Users are redirected only to trusted, validated URLs within the application.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user interaction (clicking a malicious link) but is trivial to implement.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.53 or later

Vendor Advisory: https://github.com/kalcaddle/KodExplorer/releases/tag/4.53

Restart Required: No

Instructions:

1. Download KodExplorer 4.53 or later from the official repository.
2. Replace the vulnerable files with the patched version.
3. Verify the fix by testing the login redirect functionality.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Add server-side validation to restrict redirect URLs to trusted domains only.

Modify the login handler to validate the 'link' parameter against a whitelist of allowed domains.
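The check the workaround describes, written out as an added example that is not KodExplorer's own code (KodExplorer is a PHP application; the logic is language-independent and is shown here in Python). The allowed host `files.example.com` and the default landing path `/` are assumptions. Beyond the plain host comparison, it also rejects the forms an open-redirect filter is most often bypassed with: protocol-relative values (`//host`, `///host`), backslash variants browsers normalise to `//`, credentials-in-URL tricks (`https://trusted@evil`), and non-HTTP schemes.

```python
from urllib.parse import urlsplit, urlunsplit

# Hosts the login handler may redirect to after authentication (assumed for this example).
ALLOWED_HOSTS = {"files.example.com"}


def resolve_login_redirect(link, allowed_hosts=ALLOWED_HOSTS, default="/"):
    """Return a safe post-login target for a user-supplied 'link' value.

    Accepts only site-relative paths ("/...") or absolute http(s) URLs whose
    host is on the allowlist; everything else collapses to `default`.
    """
    if not link:
        return default
    link = link.strip()

    # Whitespace/control characters inside the value are never legitimate here.
    if any(c in link for c in "\r\n\t\x00 "):
        return default
    # Browsers treat "/\evil" like "//evil"; reject backslashes outright.
    if "\\" in link:
        return default

    parts = urlsplit(link)

    if parts.scheme:
        # Absolute URL: only http(s), only allowlisted hosts.
        if parts.scheme.lower() not in ("http", "https"):
            return default
        try:
            port = parts.port  # raises ValueError on a malformed port
        except ValueError:
            return default
        host = (parts.hostname or "").lower()
        if host not in allowed_hosts:
            return default
        # Rebuild the URL without any userinfo ("user@") component.
        netloc = host if port is None else f"{host}:{port}"
        return urlunsplit((parts.scheme.lower(), netloc,
                           parts.path or "/", parts.query, parts.fragment))

    # No scheme: must be a site-relative path, not protocol-relative ("//host").
    if parts.netloc or link.startswith("//") or not link.startswith("/"):
        return default
    return link


if __name__ == "__main__":
    for value in ["/explorer/", "https://files.example.com/share/1",
                  "http://evil.example/", "//evil.example/", "/\\evil.example",
                  "https://files.example.com@evil.example/", "javascript:alert(1)"]:
        print(f"{value!r:45} -> {resolve_login_redirect(value)!r}")
```

The function returns the normalised target rather than a boolean so the handler has exactly one place that decides where the user goes; anything it cannot vouch for lands on the application's own default page.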

🧯 If You Can't Patch

  • Implement a web application firewall (WAF) rule to block requests with external URLs in the 'link' parameter.
  • Educate users to avoid clicking on untrusted links and to verify URLs before authentication.

🔍 How to Verify

Check if Vulnerable:

Test the login page by appending a malicious URL to the 'link' parameter and checking if it redirects after login.

Check Version:

Check the version in the KodExplorer admin panel or review the application's version file.

Verify Fix Applied:

After patching, attempt the same test; the application should not redirect to external sites.

📡 Detection & Monitoring

Log Indicators:

  • Log entries showing redirects to external domains after login.

Network Indicators:

  • HTTP 302 redirect responses pointing to external URLs.

SIEM Query:

source="web_logs" AND (url CONTAINS "link=http" OR url CONTAINS "link=https") AND status=302
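The SIEM query above matches only a literal `link=http` in the request URL. As an added example (not part of the original advisory or of KodExplorer), the following Python script applies the same idea to web-server access logs but also catches URL-encoded values (`link=https%3A%2F%2F...`) and protocol-relative ones (`link=//host`), and ignores hits whose target is the application's own host. The log lines, the `/login.php` path and the internal host `files.example.com` are constructed for the example and are not KodExplorer's real routes.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined-format access log fields this example expects (constructed layout).
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \S+'
)

# Hosts the application may legitimately redirect to (assumed for this example).
INTERNAL_HOSTS = {"files.example.com"}

# Constructed sample log lines; /login.php is a placeholder path, not the real route.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2025:10:01:02 +0000] "POST /login.php?link=/explorer/ HTTP/1.1" 302 0
203.0.113.7 - - [10/Mar/2025:10:02:10 +0000] "POST /login.php?link=https://evil.example/phish HTTP/1.1" 302 0
203.0.113.9 - - [10/Mar/2025:10:03:33 +0000] "POST /login.php?link=https%3A%2F%2Fevil.example%2Fp HTTP/1.1" 302 0
203.0.113.9 - - [10/Mar/2025:10:04:00 +0000] "GET /login.php?link=https://evil.example/ HTTP/1.1" 200 1532
203.0.113.11 - - [10/Mar/2025:10:05:00 +0000] "POST /login.php?link=//evil.example/ HTTP/1.1" 302 0
203.0.113.13 - - [10/Mar/2025:10:06:00 +0000] "POST /login.php?link=https://files.example.com/share HTTP/1.1" 302 0
"""


def external_host(value, internal_hosts):
    """Return the external host a redirect value points at, or None when the
    value is a site-relative path or targets an internal host."""
    v = value.strip()
    if v.startswith(("//", "/\\", "\\")):
        # Protocol-relative or backslash form: browsers resolve these to another host.
        return v.lstrip("/\\").split("/")[0].split("\\")[0]
    parts = urlsplit(v)
    if not parts.netloc:
        return None                      # relative path such as /explorer/
    host = (parts.hostname or "").lower()
    return None if host in internal_hosts else host


def find_external_redirects(log_text, internal_hosts=INTERNAL_HOSTS):
    """Return one record per 302 response whose 'link' parameter names an external host."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["status"] != "302":
            continue                     # only completed redirects are of interest
        query = urlsplit(m["uri"]).query
        # parse_qs percent-decodes values, so encoded schemes are caught too.
        for link in parse_qs(query).get("link", []):
            host = external_host(link, internal_hosts)
            if host:
                hits.append({"ip": m["ip"], "ts": m["ts"], "link": link, "host": host})
    return hits


if __name__ == "__main__":
    for hit in find_external_redirects(SAMPLE_LOG):
        print(f"{hit['ts']}  {hit['ip']:15}  -> {hit['host']}  ({hit['link']})")
```

On the sample lines this reports three events: the plain absolute URL, the percent-encoded one, and the protocol-relative one. The 200 response is skipped because no redirect occurred, and the redirect to `files.example.com` is skipped because it stays on the internal host.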
