CVE-2026-3750 is a server-side request forgery vulnerability identified in ContiNew Admin software versions 4.0, 4.1, and 4.2.0. The vulnerability resides in the URI.create method of the S3ClientFactory.java file within the Storage Management Module. This flaw allows an attacker to manipulate the URI creation process, causing the server to send crafted requests to arbitrary internal or external resources. SSRF vulnerabilities can be leveraged to access internal services, bypass firewalls, or perform reconnaissance within a protected network environment. The vulnerability is remotely exploitable without requiring authentication or user interaction, increasing its risk profile. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no authentication required (AT:N), but with high privileges required (PR:H), and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is low, suggesting limited direct damage but potential for indirect consequences. The vendor was contacted but has not responded or issued a patch, and no public exploits have been observed yet. This leaves organizations reliant on ContiNew Admin exposed to potential future attacks leveraging this SSRF flaw.

The SSRF vulnerability in ContiNew Admin could allow attackers to cause the affected server to initiate unauthorized requests to internal or external systems. This can lead to information disclosure of internal network details, access to internal services not otherwise exposed, or use as a pivot point for further attacks. While the direct impact on confidentiality, integrity, and availability is rated low, the ability to interact with internal resources can facilitate more severe attacks such as data exfiltration, lateral movement, or denial of service against internal components. Organizations using ContiNew Admin in critical infrastructure or sensitive environments face increased risk, especially if the software is internet-facing or integrated with sensitive storage systems. The lack of vendor response and patch availability prolongs exposure and complicates risk management. Although no active exploits are currently known, the public disclosure increases the likelihood of future exploitation attempts.

Organizations should immediately audit their ContiNew Admin deployments to identify affected versions (4.0, 4.1, 4.2.0). In the absence of an official patch, mitigations include restricting network access to the ContiNew Admin server, especially limiting outbound requests to trusted destinations only. Implement network-level controls such as egress filtering and firewall rules to prevent unauthorized SSRF exploitation. Monitor logs for unusual outbound requests originating from the ContiNew Admin server. If possible, isolate the server within a segmented network zone to reduce potential lateral movement. Review and harden the Storage Management Module configuration to minimize exposure. Engage with the vendor for updates and consider alternative solutions if remediation is delayed. Additionally, apply runtime application self-protection (RASP) or web application firewall (WAF) rules to detect and block SSRF attack patterns targeting the vulnerable URI.create function.