Bitdefender GravityZone Console Server-Side Request Forgery Vulnerability

Vulnerability

A server-side request forgery (SSRF) vulnerability exists in Bitdefender GravityZone Console versions prior to 6.41.2.1. This vulnerability allows attackers to bypass input validation by sending crafted DNS requests with leading special characters. When combined with other potential vulnerabilities, this could lead to the execution of third-party code.

Impact

Exploitation of this vulnerability could allow for server-side request forgery, potentially leading to the execution of arbitrary third-party code.

Remediation

Users can update to Bitdefender GravityZone Console version 6.41.2-1 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 7.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.