CVE-2025-43717 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.4 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
mitre	CNA	5.4 MEDIUM				CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 12%

Common Weakness Enumeration

CWE-531 - Inclusion of Sensitive Information in Test Code
Accessible test applications can pose a variety of security risks. Since developers or administrators rarely consider that someone besides themselves would even know about the existence of these applications, it is common for them to contain sensitive information or functions.

References

https://github.com/pear/HTTP_Request2/blob/b1c61b71128045734d757c4d3d436457ace80ea7/package.xml#L24

https://github.com/pear/HTTP_Request2/commit/07925aa77e441dba0ff0fa973a09802729cb838f

https://github.com/pear/HTTP_Request2/commit/265e05f9e08a28a38a57219516a8e4e2dfdbb147

https://github.com/pear/HTTP_Request2/compare/v2.6.0...v2.7.0