CVE-2025-67427 is a Blind Server-Side Request Forgery (SSRF) vulnerability identified in evershop version 2.1.0 and prior. The vulnerability arises from insufficient validation of the "src" query parameter in the "GET /images" API endpoint. An unauthenticated attacker can exploit this flaw by crafting a request that causes the server to initiate HTTP or HTTPS requests to arbitrary URIs, including internal network addresses or external systems. This can lead to unauthorized information disclosure or internal network scanning, as the attacker can infer responses based on server behavior despite the blind nature of the SSRF. The vulnerability is classified under CWE-918, which relates to improper restriction of outbound requests from a server. The CVSS v3.1 base score is 6.5, with attack vector network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and impact limited to confidentiality and integrity (C:L/I:L/A:N). Although no exploits are currently known in the wild and no patches have been published, the risk remains significant due to the unauthenticated nature and potential for internal network reconnaissance or data leakage. The vulnerability does not affect availability directly but can be leveraged as a stepping stone for further attacks. Organizations using vulnerable versions of evershop should be aware of the risk and implement mitigations promptly.

For European organizations, this vulnerability poses a risk of unauthorized internal network reconnaissance and potential data leakage, which can compromise sensitive business information and customer data. Evershop is an e-commerce platform, so exploitation could lead to exposure of internal services, backend APIs, or cloud metadata endpoints, increasing the attack surface for further exploitation. The unauthenticated nature of the vulnerability means attackers can exploit it remotely without credentials, raising the threat level. Confidentiality and integrity of data may be impacted if attackers use SSRF to access internal resources or manipulate backend services. While availability is not directly affected, the vulnerability can facilitate lateral movement or privilege escalation within the network. Given the importance of e-commerce in Europe and strict data protection regulations such as GDPR, any data leakage or unauthorized access could result in regulatory penalties and reputational damage. Organizations relying on evershop should consider this vulnerability a medium risk but prioritize mitigation to prevent potential exploitation.

1. Implement strict input validation and sanitization on the "src" query parameter to allow only trusted and expected URIs, ideally using a whitelist approach. 2. Restrict outbound HTTP/HTTPS requests from the evershop server to only necessary external endpoints, blocking access to internal IP ranges and sensitive metadata services. 3. Employ network segmentation and firewall rules to limit the server's ability to reach internal services that should not be externally accessible. 4. Monitor server logs and network traffic for unusual outbound requests or patterns indicative of SSRF exploitation attempts. 5. If possible, upgrade to a patched version of evershop once available or apply vendor-provided mitigations. 6. Use Web Application Firewalls (WAFs) with rules designed to detect and block SSRF attack patterns targeting the "src" parameter. 7. Conduct regular security assessments and penetration tests focusing on SSRF and related vulnerabilities. 8. Educate development teams about secure coding practices to prevent similar input validation issues in the future.