Skip to main content
CVE Vulnerability Database

CVE-2026-3125: OpenNext Cloudflare SSRF Vulnerability

CVE-2026-3125 is an SSRF vulnerability in @opennextjs/cloudflare that exploits path normalization in the /cdn-cgi/image/ handler, allowing attackers to bypass Cloudflare edge interception and fetch arbitrary remote URLs.

Published:

CVE-2026-3125 Overview

A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler. This vulnerability allows attackers to bypass Cloudflare's edge interception by substituting a backslash for a forward slash in the URL path, enabling unvalidated fetches of arbitrary remote URLs through victim domains.

The @opennextjs/cloudflare worker template includes a /cdn-cgi/image/ handler intended for development use only. In production environments, Cloudflare's edge normally intercepts /cdn-cgi/image/ requests before they reach the Worker. However, by using /cdn-cgi\image/ instead of /cdn-cgi/image/, an attacker can bypass this edge interception entirely. The JavaScript URL class then normalizes the backslash to a forward slash, causing the request to match the handler and trigger an unvalidated fetch of arbitrary remote URLs.

Critical Impact

Attackers can serve attacker-controlled content through a victim site's domain, violating the same-origin policy, potentially misleading users, and exposing private cache data stored under protected /cdn-cgi/ paths.

Affected Products

  • @opennextjs/cloudflare package (versions prior to 1.17.1)
  • Cloudflare Workers with Assets
  • Cloudflare Pages deployments

Discovery Timeline

  • 2026-03-04 - CVE CVE-2026-3125 published to NVD
  • 2026-03-05 - Last updated in NVD database

Technical Details for CVE-2026-3125

Vulnerability Analysis

This SSRF vulnerability exploits a discrepancy between how Cloudflare's edge infrastructure processes URL paths versus how the JavaScript URL class normalizes them within Workers. The core issue lies in inconsistent handling of path separators across different layers of the application stack.

The /cdn-cgi/image/ handler was designed as a development-only feature that should never be accessible in production environments. Cloudflare's edge infrastructure is supposed to intercept any requests to /cdn-cgi/ paths before they reach the Worker. However, when an attacker substitutes a backslash character (\) for the forward slash after cdn-cgi, the edge infrastructure fails to recognize this as a /cdn-cgi/ path and allows the request through.

Once the request reaches the Worker, the JavaScript URL class performs path normalization, converting the backslash to a forward slash. This normalization causes the previously bypassed path to now match the /cdn-cgi/image/ handler, triggering the vulnerable code path.

The impact extends beyond simple SSRF. The vulnerability also affects Cloudflare Workers with Assets and Cloudflare Pages, where assets stored under /cdn-cgi/ paths that should be private become publicly accessible. Notably, Open Next projects store incremental cache data under /cdn-cgi/_next_cache, which could expose sensitive cached application data.

Root Cause

The root cause is classified as CWE-706 (Use of Incorrectly-Resolved Name or Reference). The vulnerability stems from inconsistent path normalization between Cloudflare's edge infrastructure and the JavaScript URL class within Workers. The edge infrastructure does not normalize backslashes to forward slashes before making routing decisions, while the URL class does perform this normalization. This creates a security gap where crafted paths can bypass security controls at the edge but still match protected handlers within the Worker.

Attack Vector

The attack requires network access and can be executed without authentication or user interaction. An attacker crafts a URL replacing the forward slash after cdn-cgi with a backslash character. This request must be sent via HTTP clients that preserve backslashes in paths, such as curl with the --path-as-is flag.

For example, a malicious request like https://victim-site.com/cdn-cgi\image/aaaa/https://attacker.com would bypass edge interception, reach the Worker, get normalized to match the image handler, and then fetch content from the attacker-controlled URL. This content is then served through the victim's domain, effectively allowing attackers to proxy arbitrary content through trusted domains.

Note that this bypass does not work via standard web browsers, as browsers normalize backslashes to forward slashes before sending HTTP requests. However, HTTP clients, scripts, APIs, and backend services that preserve path characters can successfully exploit this vulnerability.

Detection Methods for CVE-2026-3125

Indicators of Compromise

  • HTTP access logs showing requests containing backslash characters in the path, particularly patterns matching /cdn-cgi\ or /cdn-cgi%5C
  • Outbound network connections from Workers to unexpected external domains or IP addresses
  • Unusual access patterns to /cdn-cgi/_next_cache or other protected asset paths

Detection Strategies

  • Implement web application firewall (WAF) rules to detect and block requests containing backslash characters in URL paths targeting /cdn-cgi endpoints
  • Monitor Worker execution logs for fetch requests to external URLs that were not explicitly whitelisted
  • Deploy anomaly detection to identify requests with unusual path encoding patterns

Monitoring Recommendations

  • Configure alerting for any HTTP requests containing \image/ or %5Cimage/ path segments in access logs
  • Monitor for increased outbound traffic from Workers to external domains that are not part of normal application behavior
  • Implement logging for all cache access operations under /cdn-cgi/_next_cache paths to detect unauthorized data exposure

How to Mitigate CVE-2026-3125

Immediate Actions Required

  • Upgrade @opennextjs/cloudflare package to version 1.17.1 or later immediately
  • Audit Worker configurations to ensure development-only handlers are not exposed in production deployments
  • Review access logs for historical exploitation attempts using backslash-based path bypass techniques

Patch Information

The vulnerability has been addressed in @opennextjs/cloudflare version 1.17.1. The fix is available through the official NPM package. For detailed information about the security fix, refer to the GitHub Pull Request that implemented the patch. The GitHub Security Advisory provides additional context and remediation guidance.

Workarounds

  • Deploy WAF rules at the edge to normalize or reject requests containing backslash characters in URL paths before they reach Workers
  • Implement input validation within Worker code to explicitly reject any requests containing backslash characters in path segments
  • If the /cdn-cgi/image/ handler is not required for your application, consider removing or disabling it entirely in production configurations
bash
# Update @opennextjs/cloudflare to patched version
npm update @opennextjs/cloudflare@1.17.1

# Verify the installed version
npm list @opennextjs/cloudflare

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.