← volver
CVE-2025-12543

Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf

CVSS 9.6 CRITICALEPSS 1.2%CWE-20
Vexday Risk Score
48Atención
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
CVSS 9.6EPSS 1.2%KEV nãoPoC públicaNuclei Metasploit Patch referenciado
Ciclo de vida
07 ene 2026Publicada en NVD
01 abr 2026PoC pública
Recomendación: Planificar corrección próxima — ya existe PoC pública.
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
Productos afectados
Red Hat · Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11Red Hat · Red Hat build of Apache Camel - HawtIO 4Red Hat · Red Hat Data Grid 8Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Fuse 7Red Hat · Red Hat In-Vehicle Operating System 1Red Hat · Red Hat JBoss Enterprise Application PlatformRed Hat · Red Hat JBoss Enterprise Application Platform 7Red Hat · Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7Red Hat · Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8Red Hat · Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9Red Hat · Red Hat JBoss Enterprise Application Platform 8.0Red Hat · Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8Red Hat · Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9Red Hat · Red Hat JBoss Enterprise Application Platform 8.1Red Hat · Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8Red Hat · Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9Red Hat · Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat · Red Hat Process Automation 7Red Hat · Red Hat Single Sign-On 7
PoCs públicas encontradas1
githubgithub.com/kavin71725/CVE-2025-12543-Fix-for-Wildfly0
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2026:0383https://access.redhat.com/errata/RHSA-2026:0384https://access.redhat.com/errata/RHSA-2026:0386https://access.redhat.com/errata/RHSA-2026:3889https://access.redhat.com/errata/RHSA-2026:3890https://access.redhat.com/errata/RHSA-2026:3891https://access.redhat.com/errata/RHSA-2026:3892https://access.redhat.com/errata/RHSA-2026:4915https://access.redhat.com/errata/RHSA-2026:4916https://access.redhat.com/errata/RHSA-2026:4917https://access.redhat.com/errata/RHSA-2026:4924https://access.redhat.com/security/cve/CVE-2025-12543