CVE-2025-68470
Open Redirect vulnerability in react-router (npm)

Vulnerability type: Open Redirect. Known public exploit: none.

What is CVE-2025-68470 About?

This vulnerability allows an attacker to craft a malicious path that, when navigated to via `navigate()`, `<Link>`, or `redirect()` in a React Router application, causes a redirect to an external, potentially malicious, URL. This affects applications where developers pass untrusted content into navigation paths. Exploitation is of medium complexity.

Affected Software

  • react-router
    • >=7.0.0, <7.9.6
    • >=6.0.0, <6.30.2

Technical Details

The vulnerability occurs in React Router applications when an attacker-supplied path is used within `navigate()`, `<Link>`, or `redirect()` without proper validation. If untrusted content is incorporated directly into these navigation functions, an attacker can craft a value that, when processed, leads to a redirect outside of the application's domain. This constitutes an open redirect: the application's trusted domain is leveraged to send users to a potentially malicious third-party site. The core issue is the lack of strict validation and sanitization of user-provided or external content before it is used in navigation paths.

What is the Impact of CVE-2025-68470?

Successful exploitation may allow attackers to redirect users to arbitrary malicious websites, leading to phishing attacks, credential theft, or malware downloads.

What is the Exploitability of CVE-2025-68470?

Exploitation involves an attacker crafting a special URL that contains the redirect payload and then either tricking a user into navigating to it or injecting it into an application feature. The complexity is medium, primarily because user interaction or a successful injection is needed. No specific authentication is generally required if the vulnerable navigation paths are reachable by unauthenticated users. Privilege requirements are low, as the attack leverages improper input validation rather than elevated permissions. Access is remote, as the attacker delivers the crafted URL to the victim. The critical condition is that developers must be passing untrusted content directly into React Router's navigation methods (`navigate()`, `<Link>`, or `redirect()`). The risk increases if the application commonly constructs navigation paths from user-provided data, such as query parameters or user-generated content, without validation.
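The Technical Details and Exploitability sections both come down to one missing control: validating a navigation target before it reaches `navigate()`, `<Link to>`, or `redirect()`. The following is an added example, not code from the advisory or from the react-router project, showing an allowlist-style check an application can apply to a value taken from untrusted input (for instance a `returnTo` query parameter). The helper name `safeRedirectPath`, the placeholder origin `https://app.invalid`, and the sample inputs are all constructed for illustration; it is plain JavaScript with no React dependency so it can be run and tested on its own.

```javascript
// Added example (not from the advisory or the react-router project).
// Defender-side allowlist for navigation targets built from untrusted input.
// Apply it before the value is handed to navigate(), <Link to>, or redirect().
// The unsafe pattern this replaces is passing the raw parameter straight
// through, e.g. navigate(searchParams.get("returnTo")).

// Accept only a same-origin path that is absolute from the site root.
// Anything else (full URLs, protocol-relative "//host", backslash variants,
// scheme-carrying strings, control characters) falls back to a safe default.
function safeRedirectPath(input, fallback = "/") {
  if (typeof input !== "string" || input.length === 0) return fallback;

  // Reject control characters and whitespace; browsers may strip them,
  // which can hide a scheme or authority from a naive prefix check.
  if (/[\u0000-\u001F\u007F\s]/.test(input)) return fallback;

  // Must begin with exactly one "/" followed by something other than
  // "/" or "\" (blocks "//evil.example" and "/\evil.example").
  if (!/^\/(?![\/\\])/.test(input)) return fallback;

  // Resolve against a fixed, constructed base origin and confirm the origin
  // did not change. Any authority smuggled into the string surfaces here.
  const base = "https://app.invalid"; // placeholder origin, not a real host
  let resolved;
  try {
    resolved = new URL(input, base);
  } catch {
    return fallback;
  }
  if (resolved.origin !== base) return fallback;

  // Return the normalized path + query + hash so that what is navigated to
  // is exactly what was validated, not the original raw string.
  return resolved.pathname + resolved.search + resolved.hash;
}

// Constructed sample inputs: typical values seen in a "returnTo" parameter.
const SAMPLE_INPUTS = [
  "/dashboard",
  "/account?tab=security#mfa",
  "//attacker.example/phish",
  "/\\attacker.example",
  "https://attacker.example/",
  "javascript:alert(1)",
  "dashboard",
  "",
];

// Runs every sample through the check and pairs it with the resulting target.
function classifySamples() {
  return SAMPLE_INPUTS.map((value) => ({
    value,
    target: safeRedirectPath(value),
    accepted: safeRedirectPath(value) !== "/" || value === "/",
  }));
}

// Stand-alone run: print the decision for each constructed sample.
for (const row of classifySamples()) {
  console.log(JSON.stringify(row));
}
```

In a React Router component the call site becomes `navigate(safeRedirectPath(searchParams.get("returnTo")))`, and the same helper can wrap the argument to `redirect()` in a loader or action. Resolving against a fixed origin and returning the normalized `pathname + search + hash` is the design choice that matters: it means the string that reaches the router is the one that was checked, rather than the raw user input.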

What are the Known Public Exploits?

PoC | Author | Link | Commentary
No known public exploits.

What are the Available Fixes for CVE-2025-68470?

Available Upgrade Options

  • react-router
    • >=6.0.0, <6.30.2 → Upgrade to 6.30.2
  • react-router
    • >=7.0.0, <7.9.6 → Upgrade to 7.9.6


Additional Resources

What are Similar Vulnerabilities to CVE-2025-68470?

Similar Vulnerabilities: CVE-2023-45133, CVE-2023-38035, CVE-2023-34062, CVE-2023-28103, CVE-2023-28104