Unrated severityOSV Advisory· Published Jan 26, 2026· Updated Jan 26, 2026
Tomahawk authentication timing attack due to usage of 'strcmp'
CVE-2025-57784
Description
Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
News mentions
0No linked articles in our index yet.