CVE-2025-13789: Critical SSRF Vulnerability in ZenTao – Upgrade Immediately!

Overview

CVE-2025-13789 describes a Server-Side Request Forgery (SSRF) vulnerability found in ZenTao, specifically affecting versions up to 21.7.6-8564. This vulnerability resides within the makeRequest function of the module/ai/model.php file. By manipulating the Base argument, attackers can potentially force the ZenTao server to make requests to arbitrary internal or external destinations, leading to information disclosure or other malicious activities. A public exploit is available, making immediate action crucial.

Technical Details

The vulnerability lies in the insufficient validation and sanitization of the Base parameter within the makeRequest function. An attacker can exploit this by injecting a malicious URL into the Base parameter, causing the server to initiate requests to that URL. This can bypass security controls and potentially expose sensitive data or internal services. The vulnerable code resides within the module/ai/model.php file.
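The defect class described above is an outbound-request helper that trusts a caller-supplied base URL. The following is an added example of how such a helper can be hardened in PHP; it is not ZenTao's code and not the fix shipped by the vendor. The function names, the allowlist entries, the injectable resolver and the sample URLs are all assumptions made for illustration.

```php
<?php
// Added example (not ZenTao code): hardening an outbound-request helper whose
// base URL is influenced by user input, the defect class behind CVE-2025-13789.
declare(strict_types=1);

// Assumed allowlist: the only hosts the AI module is ever expected to call.
// Allowlisting beats denylisting for SSRF, because unknown destinations fail closed.
const ALLOWED_AI_HOSTS = ['api.openai.com'];

/**
 * Validate an attacker-influenceable base URL before any HTTP client uses it.
 * Returns a normalised "https://host[:port]/path" on success, or null to reject.
 * $resolver is injectable so the check can be exercised without live DNS.
 */
function validateBaseUrl(string $base, array $allowedHosts = ALLOWED_AI_HOSTS, ?callable $resolver = null): ?string
{
    $parts = parse_url($base);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;                                   // unparsable, relative, or no host (e.g. file:///)
    }
    if (strtolower($parts['scheme']) !== 'https') {
        return null;                                   // blocks http, gopher, dict, file, ...
    }
    if (isset($parts['user']) || isset($parts['pass'])) {
        return null;                                   // "https://trusted@evil" style confusion
    }
    $host = strtolower($parts['host']);
    if (!in_array($host, $allowedHosts, true)) {
        return null;                                   // destination not on the allowlist
    }
    // Defence in depth: even an allowlisted name must not resolve to loopback,
    // private, link-local or reserved ranges (guards against rebinding/poisoning).
    $resolve = $resolver ?? 'gethostbynamel';
    $ips = $resolve($host);
    if ($ips === false || $ips === []) {
        return null;
    }
    foreach ($ips as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
            return null;
        }
    }
    $port = isset($parts['port']) ? ':' . $parts['port'] : '';
    $path = rtrim($parts['path'] ?? '/', '/');
    return 'https://' . $host . $port . $path;
}

/**
 * Hardened request helper (assumed name): validates the base, pins cURL to HTTPS
 * and disables redirect following so a 3xx cannot steer the request elsewhere.
 */
function makeRequestHardened(string $base, string $endpoint, array $payload): ?string
{
    $validBase = validateBaseUrl($base);
    if ($validBase === null) {
        return null;                                   // reject; log this in production
    }
    $ch = curl_init($validBase . '/' . ltrim($endpoint, '/'));
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER  => true,
        CURLOPT_POST            => true,
        CURLOPT_POSTFIELDS      => json_encode($payload),
        CURLOPT_HTTPHEADER      => ['Content-Type: application/json'],
        CURLOPT_PROTOCOLS       => CURLPROTO_HTTPS,   // no scheme downgrade at the client layer
        CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTPS,
        CURLOPT_FOLLOWLOCATION  => false,             // no redirect-based SSRF
        CURLOPT_TIMEOUT         => 10,
    ]);
    $body = curl_exec($ch);
    curl_close($ch);
    return $body === false ? null : $body;
}

// Constructed sample inputs with a stub resolver (documentation-range address),
// so the demonstration runs offline. Only the first URL should be accepted.
$stubResolver = fn(string $host): array|false => $host === 'api.openai.com' ? ['198.51.100.7'] : false;
$samples = [
    'https://api.openai.com/v1/',
    'http://api.openai.com/v1/',                       // wrong scheme
    'https://10.0.0.5/admin/',                         // internal host, not allowlisted
    'https://127.0.0.1:8080/',                         // loopback
    'file:///etc/passwd',                              // non-HTTP scheme, no host
    'https://api.openai.com@evil.invalid/',            // credential trick
];
foreach ($samples as $s) {
    printf("%-45s => %s\n", $s, validateBaseUrl($s, ALLOWED_AI_HOSTS, $stubResolver) ?? 'REJECTED');
}
```

The validator is deliberately separate from the HTTP call so it can be unit-tested with the stub resolver; in production the default `gethostbynamel` path is used. Note that resolving the name in the validator and again in cURL leaves a small time-of-check/time-of-use window, which is why the allowlist, not the IP check, is the primary control.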

CVSS Analysis

  • Severity: MEDIUM
  • CVSS Score: 6.3

A CVSS score of 6.3 indicates a medium severity vulnerability. While it may not grant immediate system compromise, the SSRF nature allows for potentially significant impact depending on the network configuration and internal services exposed.

Possible Impact

The successful exploitation of CVE-2025-13789 can lead to several severe consequences, including:

  • Information Disclosure: Attackers can potentially access sensitive data from internal services.
  • Internal Network Scanning: The vulnerability allows attackers to scan the internal network for other vulnerable services.
  • Denial of Service (DoS): By flooding internal or external targets with requests, attackers can cause a DoS.
  • Authentication Bypass: In some cases, SSRF can be leveraged to bypass authentication mechanisms.

Mitigation and Patch Steps

The recommended mitigation is to upgrade ZenTao to version 21.7.6 or later. This version includes a patch that addresses the vulnerability by properly validating and sanitizing the Base parameter. Follow these steps:

  1. Backup your ZenTao installation.
  2. Download the latest version of ZenTao (21.7.6 or later) from the official website.
  3. Follow the official upgrade instructions provided by ZenTao.
  4. Verify the upgrade was successful and that the vulnerability is no longer exploitable.

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.
