Main Vulnerability Database Vulnerabilities #VU115189

#VU115189 Inconsistent interpretation of HTTP requests in hiawatha - CVE-2025-57783

Published: September 12, 2025

Vulnerability identifier: #VU115189

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-57783

CWE-ID: CWE-444

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
hiawatha

Software vendor:
Hiawatha

Description

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests in the fetch_request function. A remote attacker can smuggle arbitrary requests and access restricted resources managed by the server.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.kb.cert.org/vuls/id/461364

#VU115189 Inconsistent interpretation of HTTP requests in hiawatha - CVE-2025-57783

Description

Remediation

External links

Please verify you're human