
CVE-2025-8066: CWE-601 URL Redirection to Untrusted Site ('Open Redirect') in Bunkerity Bunker Web

Severity: Medium
Type: Vulnerability
Tags: cve, cve-2025-8066, cwe-601
Published: Fri Aug 15 2025 (08/15/2025, 16:10:41 UTC)
Source: CVE Database V5
Vendor/Project: Bunkerity
Product: Bunker Web

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bunkerity Bunker Web on Linux allows Phishing. This issue affects Bunker Web: 1.6.2.

AI-Powered Analysis

Last updated: 08/15/2025, 16:32:50 UTC

Technical Analysis

CVE-2025-8066 is an Open Redirect vulnerability (CWE-601) identified in Bunkerity's Bunker Web version 1.6.2 running on Linux systems. This vulnerability allows an attacker to craft malicious URLs that redirect users from a legitimate Bunker Web domain to an untrusted external site without proper validation or authorization. The primary risk associated with this vulnerability is phishing, where attackers can exploit the trust users place in the legitimate Bunker Web domain to lure them into visiting malicious websites, potentially leading to credential theft, malware installation, or other social engineering attacks. The vulnerability does not require authentication (PR:L) but does require user interaction (UI:A), meaning that the user must click on or otherwise engage with the malicious link for exploitation to occur. The CVSS 4.0 base score is 4.8, indicating a medium severity level. The attack vector is network-based (AV:N), with low attack complexity (AC:L), and no privileges required. The vulnerability impacts the integrity of user navigation and the confidentiality of user data by enabling phishing attacks but does not directly affect system availability or integrity of the Bunker Web application itself. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability is limited to version 1.6.2 of Bunker Web, which is a web application product by Bunkerity.

Potential Impact

For European organizations using Bunker Web 1.6.2, this vulnerability poses a significant risk primarily in the form of phishing attacks that can lead to credential compromise and unauthorized access to sensitive systems. Since Bunker Web is a web-based platform, users trusting the legitimate domain may be deceived into visiting malicious sites, potentially exposing corporate credentials or sensitive information. This can lead to further lateral movement within the organization, data breaches, or deployment of malware. The medium severity rating reflects that while the vulnerability does not directly compromise system integrity or availability, the indirect consequences via phishing can be severe, especially in sectors handling sensitive data such as finance, healthcare, and government. The requirement for user interaction means that user awareness and training are critical factors in mitigating risk. Additionally, the lack of patches increases exposure time. European organizations are subject to strict data protection regulations (e.g., GDPR), and phishing-induced breaches could result in regulatory penalties and reputational damage.

Mitigation Recommendations

1. Immediate mitigation should include implementing input validation and strict URL whitelisting on the Bunker Web application to prevent open redirects.
2. Organizations should monitor and audit web traffic for suspicious redirect patterns and block known malicious domains at the network perimeter.
3. User education campaigns should be intensified to raise awareness about phishing risks, emphasizing caution with unexpected links even if they appear to originate from trusted domains.
4. Deploy web application firewalls (WAF) with rules specifically targeting open redirect attempts and anomalous URL parameters.
5. Since no patch is currently available, consider upgrading to a later, unaffected version of Bunker Web once released or applying vendor-provided workarounds if any.
6. Implement multi-factor authentication (MFA) to reduce the impact of credential theft resulting from phishing.
7. Regularly review and update incident response plans to quickly address phishing incidents.
8. Collaborate with the vendor Bunkerity to obtain timely patches and security advisories.


Technical Details

Data Version: 5.1
Assigner Short Name: Fluid Attacks
Date Reserved: 2025-07-22T22:43:32.674Z
Cvss Version: 4.0
State: PUBLISHED

Threat ID: 689f5dabad5a09ad006e89d1

Added to database: 8/15/2025, 4:17:47 PM

Last enriched: 8/15/2025, 4:32:50 PM

Last updated: 8/16/2025, 10:19:45 AM
