CVE-2025-54414 (GCVE-0-2025-54414)
Vulnerability from cvelistv5
Published
2025-07-26 03:30
Modified
2025-07-28 14:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript code or trigger other nonstandard schemes. An incomplete version of this fix was tagged at 1.21.2 and then the release process was aborted upon final testing. To work around this issue: block any requests to the /.within.website/x/cmd/anubis/api/pass-challenge route with the ?redir= parameter set to anything that doesn't start with the URL scheme http, https, or no scheme (local path redirect). This was fixed in version 1.21.3.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54414",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-28T14:11:31.281544Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-28T14:12:08.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "anubis",
"vendor": "TecharoHQ",
"versions": [
{
"status": "affected",
"version": "\u003c 1.21.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Anubis is a Web AI Firewall Utility that weighs the soul of users\u0027 connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript code or trigger other nonstandard schemes. An incomplete version of this fix was tagged at 1.21.2 and then the release process was aborted upon final testing. To work around this issue: block any requests to the /.within.website/x/cmd/anubis/api/pass-challenge route with the ?redir= parameter set to anything that doesn\u0027t start with the URL scheme http, https, or no scheme (local path redirect). This was fixed in version 1.21.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-26T03:32:47.245Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/TecharoHQ/anubis/security/advisories/GHSA-jhjj-2g64-px7c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TecharoHQ/anubis/security/advisories/GHSA-jhjj-2g64-px7c"
},
{
"name": "https://github.com/TecharoHQ/anubis/pull/904",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TecharoHQ/anubis/pull/904"
},
{
"name": "https://github.com/TecharoHQ/anubis/releases/tag/v1.21.3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TecharoHQ/anubis/releases/tag/v1.21.3"
}
],
"source": {
"advisory": "GHSA-jhjj-2g64-px7c",
"discovery": "UNKNOWN"
},
"title": "Anubis accepts crafted redirect URLs in pass-challenge \u0027Try Again\u0027 buttons"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54414",
"datePublished": "2025-07-26T03:30:28.951Z",
"dateReserved": "2025-07-21T23:18:10.280Z",
"dateUpdated": "2025-07-28T14:12:08.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-54414\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-07-26T04:16:06.987\",\"lastModified\":\"2025-07-29T14:14:55.157\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Anubis is a Web AI Firewall Utility that weighs the soul of users\u0027 connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript code or trigger other nonstandard schemes. An incomplete version of this fix was tagged at 1.21.2 and then the release process was aborted upon final testing. To work around this issue: block any requests to the /.within.website/x/cmd/anubis/api/pass-challenge route with the ?redir= parameter set to anything that doesn\u0027t start with the URL scheme http, https, or no scheme (local path redirect). This was fixed in version 1.21.3.\"},{\"lang\":\"es\",\"value\":\"Anubis es una utilidad de firewall web con inteligencia artificial que eval\u00faa el estado de las conexiones de los usuarios mediante uno o m\u00e1s desaf\u00edos para proteger los recursos de origen de bots rastreadores. En las versiones 1.21.2 y anteriores, los atacantes pueden manipular p\u00e1ginas maliciosas de desaf\u00edo de paso que provocan que el usuario ejecute c\u00f3digo JavaScript arbitrario o activen otros esquemas no est\u00e1ndar. Una versi\u00f3n incompleta de esta correcci\u00f3n se registr\u00f3 en la versi\u00f3n 1.21.2 y posteriormente se cancel\u00f3 el proceso de lanzamiento tras las pruebas finales. Para solucionar este problema: bloquee cualquier solicitud a la ruta /.within.website/x/cmd/anubis/api/pass-challenge con el par\u00e1metro ?redir= establecido en cualquier URL que no comience con el esquema http, https o ning\u00fan esquema (redireccionamiento a la ruta local). Esto se solucion\u00f3 en la versi\u00f3n 1.21.3.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-80\"},{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"references\":[{\"url\":\"https://github.com/TecharoHQ/anubis/pull/904\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/TecharoHQ/anubis/releases/tag/v1.21.3\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/TecharoHQ/anubis/security/advisories/GHSA-jhjj-2g64-px7c\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54414\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-28T14:11:31.281544Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-28T14:12:00.853Z\"}}], \"cna\": {\"title\": \"Anubis accepts crafted redirect URLs in pass-challenge \u0027Try Again\u0027 buttons\", \"source\": {\"advisory\": \"GHSA-jhjj-2g64-px7c\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"TecharoHQ\", \"product\": \"anubis\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.21.3\"}]}], \"references\": [{\"url\": \"https://github.com/TecharoHQ/anubis/security/advisories/GHSA-jhjj-2g64-px7c\", \"name\": \"https://github.com/TecharoHQ/anubis/security/advisories/GHSA-jhjj-2g64-px7c\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/TecharoHQ/anubis/pull/904\", \"name\": \"https://github.com/TecharoHQ/anubis/pull/904\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/TecharoHQ/anubis/releases/tag/v1.21.3\", \"name\": \"https://github.com/TecharoHQ/anubis/releases/tag/v1.21.3\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Anubis is a Web AI Firewall Utility that weighs the soul of users\u0027 connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript code or trigger other nonstandard schemes. An incomplete version of this fix was tagged at 1.21.2 and then the release process was aborted upon final testing. To work around this issue: block any requests to the /.within.website/x/cmd/anubis/api/pass-challenge route with the ?redir= parameter set to anything that doesn\u0027t start with the URL scheme http, https, or no scheme (local path redirect). This was fixed in version 1.21.3.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-80\", \"description\": \"CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-601\", \"description\": \"CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-07-26T03:32:47.245Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-54414\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-28T14:12:08.914Z\", \"dateReserved\": \"2025-07-21T23:18:10.280Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-07-26T03:30:28.951Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…