Exploitation Summary
CVE-2024-25608 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' (U+FFFD), which allows remote attackers to redirect users to arbitrary external URLs via the (1) `redirect` parameter, (2) `FORWARD_URL` parameter, (3) `noSuchEntryRedirect` parameter, and (4) other parameters that rely on HtmlUtil.escapeRedirect.
Nuclei Templates (1)
Liferay Portal - Open Redirect
Severity: MEDIUM (verified), by daffainfo
Shodan:
http.favicon.hash:129457226
FOFA:
icon_hash=129457226
References (1)
Core References (1)
Vendor Advisory
https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2024-25608
Scores
CVSS v3
6.1
EPSS
0.0096
EPSS Percentile
56.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2025-01-29
CWE
CWE-601
Status
published
Products (5)
com.liferay.portal/release.dxp.bom
0 - 7.2.10.fp19 (Maven)
com.liferay.portal/release.portal.bom
7.2.0 - 7.4.3.19-ga19 (Maven)
liferay/digital_experience_platform
7.2 (25 CPE variants)
liferay/digital_experience_platform
7.3 (5 CPE variants)
liferay/digital_experience_platform
7.4 (18 CPE variants)
Published
Feb 20, 2024
Tracked Since
Feb 18, 2026