exploitDog

CVE-2025-57784

Опубликовано: 26 янв. 2026

Источник: nvd

CVSS3: 4

EPSS Низкий

Описание

Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client.

Ссылки

https://gitlab.com/hsleisink/hiawatha/-/blame/master/src/tomahawk.c?ref_type=heads#L429

EPSS

Процентиль: 1%

0.00012

Низкий

4 Medium

CVSS3

Дефекты

Связанные уязвимости

CVE-2025-57784

CVSS3: 4

debian

12 дней назад

Tomahawk auth timing attack due to usage of `strcmp` has been identifi ...

GHSA-h568-qr59-9xpj

CVSS3: 4

github

12 дней назад

Tomahawk auth timing attack due to usage of `strcmp` has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client.

EPSS

Процентиль: 1%

0.00012

Низкий

4 Medium

CVSS3

Дефекты