4 matches found
CVE-2025-27632
A Host Header Injection vulnerability in TRMTracker application may allow an attacker by modifying the host header value in an HTTP request to leverage multiple attack vectors, including defacing the site content through web-cache poisoning...
CVE-2025-27631
CVE-2025-27631 affects Hitachi Energy’s TRMTracker web application. Connected sources confirm an LDAP injection vulnerability in the TRMTracker component, enabling an attacker to inject code into queries and execute remote commands that can read and update data on the site. The issue is described...
CVE-2025-27632
A Host Header Injection vulnerability in TRMTracker application may allow an attacker by modifying the host header value in an HTTP request to leverage multiple attack vectors, including defacing the site content through web-cache poisoning...
CVE-2025-27632
Hitachi Energy TRMTracker web application is affected by a Host Header Injection vulnerability. An attacker can manipulate the Host header in HTTP requests to trigger multiple attack vectors, including web-cache poisoning defacement. Related sources also describe an LDAP injection path and a refl...