CVE-2025-24013

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 20, 2025

CWE ID 436

Summary

CVE-2025-24013 is a vulnerability affecting the CodeIgniter PHP web framework prior to version 4.5.8. The issue lies in the lack of proper header validation, allowing attackers to construct malformed headers using the Header class. This could potentially disrupt application functionality, causing errors or generating invalid HTTP requests. In some instances, these requests might trigger a Denial of Service scenario if a remote application firewall interprets them as malicious and blocks further communication with the application. This vulnerability has been addressed in version 4.5.8.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2h8y8N
https://www.cve.org/CVERecord?id=CVE-2025-24013
https://nvd.nist.gov/vuln/detail/CVE-2025-24013

Back to Vulnerability Database

CVE-2025-24013

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations