CNNVD-202508-1867 Information

CNNVD ID

CNNVD-202508-1867

Related CVE

CVE-2025-8066

• CNNVD Published: 2025-08-15

Description (Chinese)

BunkerWeb是Bunkerity开源的一个开源 Web 应用程序防火墙。 BunkerWeb 1.6.2版本存在输入验证错误漏洞，该漏洞源于URL重定向到不可信站点，可能导致钓鱼攻击。

Description (English)

BunkerWeb is an open source of the Bunkerity Open Source Web application firewall. Version 1.6.2 of BunkerWeb contains an input validation error loophole that originates from the re-direction of the URL to untrustworthy sites, which may lead to fishing attacks.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

Buoyant

Published

2025-08-15

Last Modified

2026-02-24

References

https://github.com/bunkerity/bunkerweb/releases/tag/v1.6.4 https://fluidattacks.com/advisories/cypress https://nvd.nist.gov/vuln/detail/CVE-2025-8066 https://access.redhat.com/security/cve/cve-2025-8066

Patch

https://github.com/bunkerity/bunkerweb/releases