← back
CVE-2025-12601

Denial of Service Due to SlowLoris

CVSS 10 CRITICALEPSS 0.3%CWE-730
In short

A Slowloris attack can overwhelm web servers by sending many incomplete requests very slowly, exhausting server resources and making the service unavailable to legitimate users.

Technical detail

The vulnerability allows a remote attacker to execute a Slowloris-based denial of service attack by maintaining multiple slow, incomplete HTTP connections to the affected BLU-IC2 and BLU-IC4 devices (versions ≤1.19.5), exhausting connection pools and server threads without requiring authentication or special privileges.

Summary generated and translated by AI from the official description.
Denial of Service Due to SlowLoris.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
Azure Access Technology · BLU-IC2Azure Access Technology · BLU-IC4

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://azure-access.com/security-advisories