CVE-2025-45872 Information

Description

zrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl parameter.

Reference

https://github.com/dengxmenglihua/cve/blob/main/ZrLog%20Blog%20System%20SSRF%20%2B%20File%20Overwrite%20Leading%20to%20RCE%20Vulnerability.md

Related CNNVD

CNNVD-202507-036 (Published: 2025-07-01)