Apache Kafka Arbitrary File Read and SSRF Vulnerability (CVE-2025-27817)

Overview

Recently, NSFOCUS CERT detected that Apache issued a security bulletin to fix the arbitrary file read and SSRF vulnerabilities in Apache Kafka (CVE-2025-27817). Because the Apache Kafka client does not strictly validate and restrict user input, an unauthenticated attacker can elevate the file system/environment/URL access rights of the REST API by constructing malicious configurations […]

The post Apache Kafka Arbitrary File Read and SSRF Vulnerability (CVE-2025-27817) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

The post Apache Kafka Arbitrary File Read and SSRF Vulnerability (CVE-2025-27817) appeared first on Security Boulevard.

11 June 2025

