Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-27632

A Host Header Injection vulnerability in TRMTracker application may allow an attacker by modifying the host header value in an HTTP request to leverage multiple attack vectors, including defacing the site content through web-cache poisoning.

Published

2025-03-25T13:15:41.090

Last Modified

2025-10-24T13:15:46.917

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-644

Affected Vendors & Products

References

https://publisher.hitachienergy.com/preview?DocumentID=8DBD000210&LanguageCode=en&DocumentPartId=&Action=Launch ([email protected])