TR7 Web Application Firewall Redirects to Untrusted Sites, Risking Phishing Attacks

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.3

TR7 Web Application Firewall Redirects to Untrusted Sites, Risking Phishing Attacks

CVE-2025-2418

Summary

A security issue in the TR7 Web Application Firewall allows attackers to trick users into visiting fake websites, potentially leading to phishing scams. This issue affects versions of the software from 4.30 to 16.02.2026. If you use this software, update to a patched version to protect your users from potential phishing attacks.

Original title

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing.This issue affects Web Application Firewall: from 4.30 through...

Original description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing.This issue affects Web Application Firewall: from 4.30 through 16022026.

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

nvd CVSS3.1 4.3

Vulnerability type

CWE-601 Open Redirect

https://www.usom.gov.tr/bildirim/tr-26-0066

Published: 16 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026