
CVE-2025-34504: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in kodcloud KodExplorer

Severity: Medium
Tags: Vulnerability, CVE-2025-34504, CWE-601
Published: Thu Dec 11 2025 (12/11/2025, 21:43:45 UTC)
Source: CVE Database V5
Vendor/Project: kodcloud
Product: KodExplorer

Description

KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.

AI-Powered Analysis

Last updated: 12/11/2025, 22:14:04 UTC

Technical Analysis

CVE-2025-34504 identifies an open redirect vulnerability (CWE-601) in KodExplorer version 4.52, a web-based file management and collaboration platform developed by kodcloud. The flaw is on the user login page, where the 'link' parameter names the page the user is sent to after authentication. Because the value is not sufficiently validated or sanitized, an attacker can place an arbitrary external destination in it. A user who opens such a URL sees the genuine KodExplorer login page on the legitimate domain, authenticates, and is then sent to the attacker-controlled site. The redirect by itself does not hand the attacker the session or the credentials; the damage comes from what the destination page does, and a page that imitates KodExplorer and claims the login failed or the session expired is convincing precisely because the user has just logged in on the real domain. Typical uses are phishing, credential harvesting and malware delivery.

The attacker needs no privileges or account to exploit the flaw, but user interaction is required. The CVSS 4.0 vector fragment shown on this page (AV:N/AC:L/AT:N/UI:P/VC:L/VI:L/VA:N) records a network attack vector, low attack complexity, no attack requirements, passive user interaction (UI:P), low confidentiality and integrity impact and no availability impact; the PR and subsequent-system metrics are not reproduced here. No patch or official fix had been published as of the disclosure date (December 11, 2025), and no active exploitation has been reported.

KodExplorer is used globally, including by European organizations for internal file sharing and collaboration, so the issue is relevant to enterprise security teams. The absence of any privilege requirement and the ease of constructing a crafted URL make this a moderate risk that chiefly enables social engineering and phishing against users of the affected software.

Potential Impact

For European organizations, this vulnerability can lead to increased phishing and social engineering risks by redirecting authenticated users to malicious external websites. This can result in credential theft, malware infections, or unauthorized data access if users are tricked into submitting sensitive information or downloading malicious payloads. While the vulnerability does not directly compromise the KodExplorer system or its data, the indirect impact on user trust and potential downstream attacks can be significant. Organizations relying on KodExplorer 4.52 for file management and collaboration may face reputational damage and operational disruptions if attackers exploit this flaw to compromise user accounts or spread malware. The medium severity reflects the moderate impact on confidentiality and integrity, with no direct availability impact. However, the ease of exploitation and lack of required privileges make it a practical vector for attackers targeting European enterprises, especially those with less mature user awareness or insufficient URL filtering controls.

Mitigation Recommendations

1. Validate the 'link' parameter on the login page so that redirection only goes to paths within the application or to an explicit allowlist of trusted hosts. Parse the value rather than prefix-matching it: refuse non-HTTP schemes (javascript:, data:), protocol-relative values (//host), backslash variants (/\host) that browsers read as //host, and absolute URLs whose host is not on the allowlist, and fall back to a fixed default page.
2. Until a fix is available, enforce the same rule at a reverse proxy or WAF in front of KodExplorer by dropping or rewriting login requests whose 'link' value is an absolute or protocol-relative URL to another host.
3. Educate users to recognise suspicious URLs and to avoid clicking unexpected or unsolicited links, especially those purporting to come from KodExplorer.
4. Monitor web server logs for login requests whose 'link' parameter carries an off-site or non-HTTP value, and for repeated requests of that kind from one source.
5. Track the vendor's releases and upgrade once a fixed version of KodExplorer is published, or apply vendor-provided mitigations; no fix was available at disclosure.
6. Use email and web gateway filtering to detect and block phishing messages that carry such crafted login URLs.
7. Require multi-factor authentication so that credentials harvested through a follow-on phishing page are not sufficient on their own.
8. Run regular security awareness training on phishing and social engineering, including URL redirection tricks.
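The mechanism described in the technical analysis and mitigation items 1 and 4, as an added example that is not KodExplorer's own code (the project is written in PHP; this is a stand-alone Python illustration of the technique). It shows the CWE-601 pattern of a post-login redirect that trusts 'link' verbatim, a parsing validator that only ever returns on-site targets, and a scan over access-log lines for login requests whose 'link' value that validator would refuse. The host files.example.org, the /login path, the function names and the log lines are all constructed for the example and are not taken from the product or the advisory.

```python
# Added example (not KodExplorer's own code): the CWE-601 pattern behind
# CVE-2025-34504, a hardened replacement, and a log scan for abuse attempts.
# files.example.org, /login, the function names and SAMPLE_LOG are constructed.
import re
from typing import List, Optional, Tuple
from urllib.parse import parse_qs, urlsplit

TRUSTED_HOSTS = {"files.example.org"}   # assumption: host(s) serving KodExplorer
DEFAULT_TARGET = "/"                    # where to send users when 'link' is refused
LOGIN_PATH = "/login"                   # assumption: adjust to the real login URL


def vulnerable_redirect(link: str) -> str:
    """The flawed pattern: the client-supplied value becomes the Location."""
    return link or DEFAULT_TARGET


def validate_redirect(link: str, trusted_hosts=TRUSTED_HOSTS) -> Optional[str]:
    """Return an on-site target rebuilt from ``link``, or None if it must be refused.

    ``link`` is the already URL-decoded parameter value, as a web framework
    hands it to the application.
    """
    if not link:
        return None
    # Control characters and whitespace are used to smuggle a scheme past
    # naive prefix checks ("java\tscript:"); refuse them outright.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in link):
        return None
    # Browsers treat '\' as '/' in http(s) URLs, so "/\evil.example" is an
    # off-site target; normalise before parsing.
    link = link.replace("\\", "/")
    parts = urlsplit(link)
    if parts.scheme:
        if parts.scheme.lower() not in ("http", "https"):
            return None                 # javascript:, data:, vbscript:, ...
        host = parts.hostname           # lowercased, port and userinfo removed
        if host is None or host not in trusted_hosts:
            return None                 # also catches https://trusted@evil.example
        path = parts.path or "/"
    else:
        if link.startswith("//"):
            return None                 # //evil.example, ///evil.example
        if not link.startswith("/"):
            return None                 # only absolute paths inside the app
        path = parts.path
    # Rebuild from components so the response never echoes the raw value:
    # only path, query and fragment survive.
    target = path
    if parts.query:
        target += "?" + parts.query
    if parts.fragment:
        target += "#" + parts.fragment
    return target


def safe_redirect_target(link: str) -> str:
    """Hardened replacement for vulnerable_redirect()."""
    return validate_redirect(link) or DEFAULT_TARGET


# Combined-format access log line: client, ident, user, [time], "request", status ...
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+" \d{3}'
)


def suspicious_link_requests(log_lines) -> List[Tuple[str, str]]:
    """Return (client_ip, raw link) for login requests whose 'link' value the
    validator would refuse: candidates for open-redirect abuse (mitigation 4)."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        req = urlsplit(m.group("target"))
        if req.path != LOGIN_PATH:
            continue
        for link in parse_qs(req.query).get("link", []):   # parse_qs decodes %XX
            if validate_redirect(link) is None:
                hits.append((m.group("ip"), link))
    return hits


# Constructed sample lines (RFC 5737 addresses, .example hosts), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [11/Dec/2025:21:50:01 +0000] "GET /login?link=%2Fhome HTTP/1.1" 200 512
203.0.113.7 - - [11/Dec/2025:21:50:09 +0000] "GET /login?link=https%3A%2F%2Fevil.example%2Fphish HTTP/1.1" 200 512
198.51.100.4 - - [11/Dec/2025:21:51:30 +0000] "GET /login?link=%2F%2Fevil.example%2F HTTP/1.1" 200 512
198.51.100.4 - - [11/Dec/2025:21:52:02 +0000] "GET /login?link=https%3A%2F%2Ffiles.example.org%2Fshare%2Fabc HTTP/1.1" 200 512
192.0.2.9 - - [11/Dec/2025:21:53:11 +0000] "GET /index.php HTTP/1.1" 200 2048
""".splitlines()

if __name__ == "__main__":
    for raw in ("https://evil.example/phish", "//evil.example/", "/\\evil.example",
                "javascript:alert(1)", "https://files.example.org/share/abc?x=1"):
        print(f"{raw!r:45} vulnerable -> {vulnerable_redirect(raw)!r:35} "
              f"hardened -> {safe_redirect_target(raw)!r}")
    for ip, link in suspicious_link_requests(SAMPLE_LOG):
        print(f"suspicious login redirect from {ip}: link={link!r}")
```

The validator works on the decoded parameter value, as a framework hands it to the application, and rebuilds the target from parsed components instead of returning the raw string, so userinfo (https://trusted@evil.example), extra-slash (///evil.example) and backslash (/\evil.example) variants are either refused or reduced to a plain on-site path. The log scan applies the same decision to each login request, which keeps detection and prevention consistent; set LOGIN_PATH to the deployment's actual login URL before running it over real logs.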


Technical Details

Data Version
5.2
Assigner Short Name
VulnCheck
Date Reserved
2025-04-15T19:15:22.611Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 693b3df122246175c6a4708e

Added to database: 12/11/2025, 9:56:01 PM

Last enriched: 12/11/2025, 10:14:04 PM

Last updated: 12/13/2025, 6:47:55 AM