CVE-2025-57783

Improper header parsing may lead to request smuggling

Description

Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver.

INFO

Published Date :

2026-01-26T17:45:36.947Z

Last Modified :

2026-01-26T20:55:04.568Z

Source :

certcc

AFFECTED PRODUCTS

The following products are affected by CVE-2025-57783 vulnerability.

Vendors	Products
Hiawatha	Web Server
Hiawatha-webserver	Hiawatha

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-57783.

URL	Resource
https://gitlab.com/hsleisink/hiawatha/-/blame/master/src/http.c?ref_type=heads#L205

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact