CVE-2025-32013

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-32013
LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing LNURL authentication requests, the application accepts a callback URL parameter and makes an HTTP request to that URL using the httpx library with redirect following enabled. The application doesn't properly validate the callback URL, allowing attackers to specify internal network addresses and access internal resources.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/lnbits/lnbits/security/advisories/GHSA-qp8j-p87f-c8cc Exploit
https://github.com/lnbits/lnbits/security/advisories/GHSA-qp8j-p87f-c8cc Exploit
Configurations

Configuration 1 (hide)

cpe:2.3:a:lnbits:lnbits:*:*:*:*:*:*:*:*
History

08 Apr 2025, 18:54

Type Values Removed Values Added
CPE cpe:2.3:a:lnbits:lnbits:*:*:*:*:*:*:*:*
References () https://github.com/lnbits/lnbits/security/advisories/GHSA-qp8j-p87f-c8cc - () https://github.com/lnbits/lnbits/security/advisories/GHSA-qp8j-p87f-c8cc - Exploit
First Time Lnbits lnbits
Lnbits
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5

07 Apr 2025, 14:17

Type Values Removed Values Added
References () https://github.com/lnbits/lnbits/security/advisories/GHSA-qp8j-p87f-c8cc - () https://github.com/lnbits/lnbits/security/advisories/GHSA-qp8j-p87f-c8cc -
Summary
  • (es) LNbits es un sistema de billetera y cuentas Lightning. Se ha descubierto una vulnerabilidad de Server-Side Request Forgery (SSRF) en la funcionalidad de gestión de autenticación LNURL de LNbits. Al procesar solicitudes de autenticación LNURL, la aplicación acepta un parámetro de URL de devolución de llamada y realiza una solicitud HTTP a dicha URL mediante la librería httpx con la función de redirección habilitada. La aplicación no valida correctamente la URL de devolución de llamada, lo que permite a los atacantes especificar direcciones de red internas y acceder a recursos internos.

06 Apr 2025, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-06 20:15

Updated : 2025-04-08 18:54

NVD link : CVE-2025-32013

Mitre link : CVE-2025-32013

CVE.ORG link : CVE-2025-32013

JSON object : View

Products Affected

lnbits

  • lnbits
CWE
CWE-918

Server-Side Request Forgery (SSRF)