CVE-2025-2418

MEDIUM 4.3

Open Redirect in TR7's Web Application Firewall

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

9th

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing.This issue affects Web Application Firewall: from 4.30 through 16022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CWE	CWE-601
Vendor	tr7 cyber defense inc.
Product	web application firewall
Published	Feb 16, 2026
Last Updated	Mar 25, 2026

Stay Ahead of the Next One

Get instant alerts for tr7 cyber defense inc. web application firewall

Be the first to know when new medium vulnerabilities affecting tr7 cyber defense inc. web application firewall are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected Versions

TR7 Cyber Defense Inc. / Web Application Firewall

4.30 ≤ 16022026

References

NVD ↗ CVE.org ↗ EPSS Data ↗

usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-26-0066

Credits

Regaip KURT

CVE-2025-2418

Open Redirect in TR7's Web Application Firewall

Get instant alerts for tr7 cyber ​​defense inc. web application firewall

CVSS v3 Breakdown

Affected Versions

References

Credits

Get instant alerts for tr7 cyber defense inc. web application firewall