CVE-2025-57784

No Score

Description

An authentication timing attack has been identified in the Tomahawk component of Hiawatha web server versions 8.5 through 11.7, which occurs due to the use of strcmp in the handle_admin function. This vulnerability allows a local attacker to access the management client.
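The data dependency behind this class of bug, and a constant-time replacement, shown as an added example; this is not Hiawatha's code, and the function names, the SECRET_MAX bound and the sample password are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SECRET_MAX 64   /* assumed public upper bound on password length */

/* strcmp-style comparison, instrumented: returns how many byte positions
 * were examined before the result was known. The count grows with the
 * length of the matching prefix, which is what a timing side channel leaks. */
size_t early_exit_steps(const char *stored, const char *supplied)
{
    size_t i = 0;
    while (stored[i] != '\0' && stored[i] == supplied[i])
        i++;
    return i + 1;
}

/* Constant-time equality over len bytes: every byte is always visited and
 * the differences are accumulated instead of branching on the first one. */
int ct_equal(const unsigned char *a, const unsigned char *b, size_t len)
{
    volatile unsigned char diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Hardened check: both strings are copied into zero-padded fixed-size
 * buffers so the comparison loop always runs SECRET_MAX iterations. */
int check_password(const char *stored, const char *supplied)
{
    unsigned char a[SECRET_MAX] = {0}, b[SECRET_MAX] = {0};
    size_t la = strlen(stored), lb = strlen(supplied);
    if (la >= SECRET_MAX || lb >= SECRET_MAX)
        return 0;                       /* over-long input is rejected */
    memcpy(a, stored, la);
    memcpy(b, supplied, lb);
    return ct_equal(a, b, SECRET_MAX);
}

int main(void)
{
    const char *stored = "s3cret-admin";        /* constructed sample value */
    const char *tries[] = { "xxxxxxxxxxxx", "s3cxxxxxxxxx", "s3cret-admin" };
    for (size_t i = 0; i < 3; i++)
        printf("%-14s early-exit steps=%zu  ct result=%d\n", tries[i],
               early_exit_steps(stored, tries[i]), check_password(stored, tries[i]));
    return 0;
}
```

Where the platform provides a vetted primitive such as OpenSSL's CRYPTO_memcmp, prefer it over a hand-written loop.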

References

https://kb.cert.org/vuls/id/461364

Details

Source: Mitre, NVD

Published: 2025-09-09