Improper header parsing may lead to request smuggling_CVE-2025-57783

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver.

Basic Information

ID CVE-2025-57783

Source certcc

Published Jan 26, 2026 at 17:45

Modified Jan 26, 2026 at 20:55

Affected Product

Vendor Hiawatha

Product Hiawatha Web server

Version 11.7

Affected Versions Hiawatha Hiawatha Web server 11.7

References

gitlab.com /hsleisink/hiawatha/-/blame/master/src/http.c

{
    "lastseen": "",
    "description": "Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver.",
    "published": "2026-01-26T17:45:36.947Z",
    "modified": "2026-01-26T20:55:04.568Z",
    "type": "cve",
    "title": "Improper header parsing may lead to request smuggling",
    "source": "certcc",
    "references": "https://gitlab.com/hsleisink/hiawatha/-/blame/master/src/http.c?ref_type=heads#L205",
    "id": "CVE-2025-57783",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Hiawatha Hiawatha Web server 11.7",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Hiawatha Web server",
    "version": "11.7",
    "vendor": "Hiawatha",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply