{"id":"CVE-2025-54122","summary":"Manager-io/Manager allows unauthenticated full read server-side request forgery in \"proxy\" endpoint","details":"Manager-io/Manager is accounting software. A critical unauthenticated full read Server-Side Request Forgery (SSRF) vulnerability has been identified in the proxy handler component of both manager Desktop and Server edition versions up to and including 25.7.18.2519. This vulnerability allows an unauthenticated attacker to bypass network isolation and access restrictions, potentially enabling access to internal services, cloud metadata endpoints, and exfiltration of sensitive data from isolated network segments. This vulnerability is fixed in version 25.7.21.2525.","aliases":["GHSA-347w-cgwh-m895"],"modified":"2026-04-10T05:30:35.982431Z","published":"2025-07-21T20:28:26.690Z","database_specific":{"cna_assigner":"GitHub_M","cwe_ids":["CWE-918"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/54xxx/CVE-2025-54122.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/54xxx/CVE-2025-54122.json"},{"type":"ADVISORY","url":"https://github.com/Manager-io/Manager/security/advisories/GHSA-347w-cgwh-m895"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54122"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/manager-io/manager","events":[{"introduced":"0"},{"fixed":"0a9ed9f68cd065e710f39baf273c25e3a82c1966"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"25.7.21.2525"}]}}],"versions":["22.10.10.422","22.10.21.442","22.10.22.448","22.10.23.450","22.10.24.456","22.10.25.458","22.10.27.462","22.10.31.474","22.10.31.476","22.11.14.499","22.11.17.507","22.11.17.508","22.11.26.522","22.11.26.525","22.11.27.527","22.11.27.528","22.12.1.530","22.12.1.531","22.12.14.536","22.12.14.537","22.12.14.538","22.12.14.539","22.12.14.540","22.12.14.541","22.12.14.543","22.12.15.546","22.12.15.547","22.12.15.548","22.12.15.549","22.12.15.550","22.12.15.551","22.12.15.552","22.12.15.553","22.12.16.554","22.12.16.555","22.12.17.556","22.12.18.557","22.12.19.558","22.12.19.561","22.12.2.532","22.12.24.570","22.12.24.571","22.12.24.572","22.12.24.573","22.12.29.575","22.12.6.533","22.12.6.534","22.6.1.53","22.6.12.86","22.6.2.58","22.6.20.110","22.6.3.60","22.6.4.63","22.6.7.71","22.6.8.73","22.6.8.78","22.6.9.83","22.7.1.137","22.7.1.139","22.7.10.183","22.7.10.186","22.7.11.188","22.7.12.192","22.7.12.193","22.7.12.196","22.7.13.198","22.7.15.202","22.7.19.217","22.7.24.225","22.7.24.226","22.7.27.230","22.7.30.232","22.7.31.233","22.7.4.149","22.7.4.161","22.7.4.162","22.7.5.168","22.8.10.261","22.8.10.265","22.8.12.271","22.8.12.272","22.8.12.275","22.8.15.288","22.8.16.291","22.8.17.297","22.8.17.299","22.8.19.304","22.8.20.307","22.8.20.310","22.8.21.312","22.8.22.314","22.8.22.317","22.8.23.321","22.8.23.327","22.8.23.329","22.8.28.334","22.8.30.345","22.8.6.249","22.8.8.256","22.8.8.258","22.8.9.259","22.9.1.349","22.9.1.350","22.9.26.402","23.1.10.591","23.1.11.592","23.1.18.593","23.1.18.594","23.1.18.595","23.1.19.596","23.1.20.597","23.1.22.598","23.1.28.601","23.1.28.602","23.1.28.603","23.1.29.604","23.1.30.605","23.1.31.606","23.1.4.581","23.1.6.582","23.1.6.584","23.1.9.589","23.1.9.590","23.10.1.1015","23.10.1.1016","23.10.12.1034","23.10.12.1035","23.10.12.1036","23.10.12.1037","23.10.12.1043","23.10.13.1050","23.10.14.1057","23.10.14.1058","23.10.15.1062","23.10.15.1063","23.10.15.1064","23.10.15.1065","23.10.15.1066","23.10.15.1067","23.10.15.1068","23.10.16.1070","23.10.17.1074","23.10.18.1077","23.10.18.1078","23.10.18.1079","23.10.19.1081","23.10.19.1082","23.10.19.1083","23.10.19.1084","23.10.19.1085","23.10.19.1086","23.10.2.1021","23.10.20.1089","23.10.21.1095","23.10.21.1096","23.10.22.1097","23.10.22.1098","23.10.22.1100","23.10.23.1101","23.10.23.1102","23.10.23.1103","23.10.25.1106","23.10.28.1107","23.10.5.1025","23.10.6.1026","23.10.7.1027","23.10.8.1028","23.10.9.1029","23.10.9.1030","23.11.1.1115","23.11.13.1142","23.11.13.1143","23.11.2.1117","23.11.2.1118","23.11.2.1119","23.11.22.1155","23.11.23.1156","23.11.23.1158","23.11.24.1159","23.11.24.1164","23.11.25.1165","23.11.25.1166","23.11.25.1167","23.11.25.1168","23.11.26.1169","23.11.26.1170","23.11.26.1171","23.11.29.1184","23.11.6.1124","23.11.7.1125","23.11.8.1127","23.11.9.1129","23.11.9.1130","23.12.1.1191","23.12.12.1221","23.12.2.1197","23.12.2.1200","23.12.3.1201","23.12.3.1202","23.12.3.1203","23.12.3.1204","23.12.3.1205","23.12.31.1237","23.12.4.1206","23.12.5.1208","23.12.6.1210","23.12.6.1212","23.12.6.1213","23.12.6.1214","23.12.7.1215","23.12.7.1217","23.12.8.1218","23.12.9.1219","23.2.13.627","23.2.13.628","23.2.13.630","23.2.15.632","23.2.16.637","23.2.16.640","23.2.16.642","23.2.16.643","23.2.16.644","23.2.16.645","23.2.16.646","23.2.17.647","23.2.17.650","23.2.18.651","23.2.18.652","23.2.19.653","23.2.2.607","23.3.1.658","23.3.1.659","23.3.1.661","23.3.10.678","23.3.10.681","23.3.10.684","23.3.10.685","23.3.11.686","23.3.11.687","23.3.11.688","23.3.12.689","23.3.13.692","23.3.13.694","23.3.14.695","23.3.14.696","23.3.14.698","23.3.14.699","23.3.14.700","23.3.14.701","23.3.14.703","23.3.15.704","23.3.15.705","23.3.15.706","23.3.15.709","23.3.15.710","23.3.15.711","23.3.16.712","23.3.16.715","23.3.17.716","23.3.18.718","23.3.18.719","23.3.18.720","23.3.18.721","23.3.18.722","23.3.18.723","23.3.19.725","23.3.19.729","23.3.2.663","23.3.2.664","23.3.2.665","23.3.21.731","23.3.21.732","23.3.25.733","23.3.25.734","23.3.26.735","23.3.27.736","23.3.27.737","23.3.27.738","23.3.29.739","23.3.3.666","23.3.3.667","23.3.3.668","23.3.3.669","23.3.30.740","23.3.30.741","23.3.31.742","23.3.31.743","23.3.31.744","23.3.31.745","23.3.31.746","23.3.31.748","23.3.6.670","23.3.6.671","23.3.6.672","23.3.7.673","23.3.8.674","23.3.8.675","23.3.8.676","23.4.1.749","23.4.12.764","23.4.14.766","23.4.14.767","23.4.14.768","23.4.14.769","23.4.16.770","23.4.16.772","23.4.16.773","23.4.17.778","23.4.17.779","23.4.18.789","23.4.18.790","23.4.19.791","23.4.19.792","23.4.19.793","23.4.20.794","23.4.20.795","23.4.20.796","23.4.22.797","23.4.22.798","23.4.22.799","23.4.22.800","23.4.24.801","23.4.24.802","23.4.24.804","23.4.25.805","23.4.25.806","23.4.25.808","23.4.25.809","23.4.26.810","23.4.27.811","23.4.28.813","23.4.3.750","23.4.4.752","23.4.4.755","23.4.5.756","23.4.5.757","23.4.6.758","23.4.6.759","23.4.7.760","23.5.1.814","23.5.2.815","23.5.24.824","23.5.24.825","23.5.24.826","23.5.24.827","23.5.3.816","23.5.5.817","23.5.5.819","23.5.6.820","23.5.8.821","23.5.8.822","23.6.10.829","23.6.12.831","23.6.12.832","23.6.14.833","23.6.16.834","23.6.17.835","23.6.19.839","23.6.20.840","23.6.20.841","23.6.20.842","23.6.21.843","23.6.21.845","23.6.23.846","23.6.25.848","23.6.25.849","23.6.26.850","23.6.26.852","23.6.26.853","23.6.28.854","23.7.1.856","23.7.10.866","23.7.10.867","23.7.11.868","23.7.11.870","23.7.12.871","23.7.13.872","23.7.13.873","23.7.13.874","23.7.13.875","23.7.13.876","23.7.13.877","23.7.16.878","23.7.17.879","23.7.17.880","23.7.17.882","23.7.17.883","23.7.17.885","23.7.17.886","23.7.17.887","23.7.17.888","23.7.18.891","23.7.18.892","23.7.18.893","23.7.19.894","23.7.19.895","23.7.20.897","23.7.20.899","23.7.21.900","23.7.21.901","23.7.23.903","23.7.24.904","23.7.24.906","23.7.24.908","23.7.24.909","23.7.24.911","23.7.24.912","23.7.24.913","23.7.25.914","23.7.25.917","23.7.25.918","23.7.25.919","23.7.25.920","23.7.25.921","23.7.25.922","23.7.26.924","23.7.26.925","23.7.26.926","23.7.27.927","23.7.27.928","23.7.3.857","23.7.3.858","23.7.3.860","23.7.5.861","23.7.6.862","23.7.7.863","23.7.8.864","23.7.9.865","23.8.1.930","23.8.18.949","23.8.19.953","23.8.19.955","23.8.19.956","23.8.19.959","23.8.20.960","23.8.20.961","23.8.20.962","23.8.20.963","23.8.20.964","23.8.21.965","23.8.22.987","23.8.22.988","23.8.22.989","23.8.22.990","23.8.22.994","23.8.23.995","23.8.23.996","23.8.23.997","23.8.23.998","23.8.24.1000","23.8.24.999","23.8.25.1002","23.9.21.1010","23.9.30.1013","24.1.10.1265","24.1.11.1268","24.1.11.1269","24.1.11.1274","24.1.11.1275","24.1.11.1277","24.1.11.1279","24.1.17.1283","24.1.19.1287","24.1.2.1239","24.1.3.1242","24.1.3.1243","24.1.4.1244","24.1.4.1245","24.1.4.1247","24.1.4.1249","24.1.4.1250","24.1.6.1252","24.1.6.1253","24.1.7.1255","24.1.9.1260","24.1.9.1262","24.1.9.1263","24.1.9.1264","24.2.11.1290","24.2.12.1291","24.2.13.1292","24.2.13.1293","24.2.13.1294","24.2.13.1295","24.2.14.1296","24.2.14.1297","24.2.15.1298","24.2.15.1299","24.2.15.1302","24.2.15.1305","24.2.16.1306","24.2.19.1307","24.2.19.1308","24.2.19.1310","24.2.19.1311","24.2.19.1312","24.2.20.1313","24.2.21.1314","24.2.23.1315","24.2.23.1316","24.2.23.1317","24.2.26.1320","24.2.26.1322","24.2.27.1324","24.2.28.1328","24.2.28.1329","24.2.28.1330","24.2.28.1331","24.2.29.1332","24.2.29.1334","24.2.29.1336","24.3.10.1345","24.3.10.1347","24.3.25.1363","24.3.26.1364","24.3.26.1370","24.3.27.1373","24.3.28.1376","24.3.28.1377","24.3.29.1378","24.3.30.1380","24.3.31.1383","24.3.31.1385","24.3.5.1337","24.3.5.1338","24.3.5.1339","24.3.5.1340","24.4.1.1387","24.4.1.1388","24.4.11.1423","24.4.11.1424","24.4.11.1426","24.4.11.1427","24.4.12.1428","24.4.12.1430","24.4.12.1431","24.4.13.1433","24.4.14.1435","24.4.14.1436","24.4.15.1438","24.4.15.1439","24.4.16.1440","24.4.17.1441","24.4.2.1389","24.4.2.1391","24.4.24.1461","24.4.25.1463","24.4.3.1393","24.4.3.1394","24.4.3.1395","24.4.30.1476","24.4.30.1477","24.4.30.1478","24.4.30.1479","24.4.4.1397","24.4.4.1398","24.4.4.1399","24.4.4.1400","24.4.5.1401","24.4.5.1403","24.4.6.1404","24.4.6.1405","24.4.6.1406","24.4.6.1407","24.4.7.1414","24.4.7.1415","24.4.7.1417","24.4.8.1418","24.4.8.1419","24.5.1.1480","24.5.1.1481","24.5.1.1482","24.5.1.1484","24.5.10.1523","24.5.11.1527","24.5.11.1529","24.5.11.1530","24.5.13.1531","24.5.16.1534","24.5.16.1535","24.5.16.1536","24.5.17.1539","24.5.17.1540","24.5.18.1541","24.5.18.1542","24.5.18.1544","24.5.18.1545","24.5.18.1546","24.5.19.1547","24.5.19.1548","24.5.2.1486","24.5.2.1490","24.5.2.1491","24.5.2.1492","24.5.20.1549","24.5.20.1550","24.5.20.1551","24.5.20.1553","24.5.20.1554","24.5.20.1555","24.5.20.1556","24.5.20.1557","24.5.20.1558","24.5.21.1559","24.5.21.1560","24.5.21.1561","24.5.21.1562","24.5.22.1563","24.5.22.1565","24.5.22.1566","24.5.22.1567","24.5.22.1568","24.5.24.1569","24.5.24.1571","24.5.25.1575","24.5.26.1576","24.5.27.1579","24.5.27.1580","24.5.27.1581","24.5.27.1582","24.5.27.1584","24.5.27.1585","24.5.28.1586","24.5.28.1587","24.5.28.1588","24.5.28.1589","24.5.29.1590","24.5.29.1592","24.5.3.1498","24.5.30.1593","24.5.30.1594","24.5.30.1595","24.5.30.1596","24.5.30.1597","24.5.30.1598","24.5.30.1599","24.5.30.1600","24.5.30.1601","24.5.30.1602","24.5.31.1603","24.5.31.1604","24.5.31.1605","24.5.6.1516","24.5.7.1517","24.5.7.1518","24.5.7.1519","24.5.8.1521","24.6.1.1607","24.6.11.1637","24.6.12.1641","24.6.13.1642","24.6.13.1643","24.6.13.1644","24.6.13.1645","24.6.13.1646","24.6.13.1647","24.6.13.1648","24.6.13.1649","24.6.13.1650","24.6.13.1653","24.6.14.1654","24.6.14.1655","24.6.15.1656","24.6.15.1657","24.6.16.1659","24.6.16.1660","24.6.17.1661","24.6.17.1664","24.6.17.1665","24.6.18.1666","24.6.2.1608","24.6.2.1609","24.6.2.1610","24.6.2.1611","24.6.2.1612","24.6.2.1613","24.6.20.1667","24.6.20.1668","24.6.21.1669","24.6.21.1670","24.6.22.1671","24.6.22.1672","24.6.22.1673","24.6.23.1674","24.6.23.1675","24.6.25.1676","24.6.25.1678","24.6.25.1682","24.6.27.1687","24.6.27.1689","24.6.28.1690","24.6.28.1692","24.6.28.1693","24.6.28.1694","24.6.28.1697","24.6.29.1698","24.6.29.1700","24.6.3.1614","24.6.3.1615","24.6.30.1701","24.6.30.1702","24.6.30.1704","24.6.30.1707","24.6.4.1616","24.6.4.1618","24.6.4.1619","24.6.4.1620","24.6.4.1621","24.6.8.1634","24.7.10.1714","24.7.12.1717","24.7.12.1722","24.7.12.1727","24.7.12.1728","24.7.12.1729","24.7.15.1733","24.7.17.1735","24.7.2.1709","24.7.22.1747","24.7.24.1752","24.7.25.1755","24.7.29.1764","24.7.30.1765","24.7.31.1766","24.7.31.1767","24.7.31.1768","24.7.31.1769","24.7.4.1710","24.7.5.1711","24.7.7.1712","24.7.7.1713","24.8.1.1771","24.8.1.1776","24.8.1.1779","24.8.2.1780","24.8.2.1781","24.8.2.1782","24.8.3.1783","24.8.3.1784","24.8.3.1786","24.8.3.1787","24.8.4.1788","24.8.6.1798","24.8.6.1800","24.8.6.1801"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-54122.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}]}