CNNVD-202507-2880 Information

CNNVD ID

CNNVD-202507-2880

Related CVE

CVE-2025-4295

• CNNVD Published: 2025-07-22

Description (Chinese)

HotelRunner B2B是土耳其HotelRunner公司的一个为酒店行业提供业务管理与合作的软件工具。 HotelRunner B2B 04.06.2025之前版本存在安全漏洞，该漏洞源于证书主机不匹配验证不当，可能导致HTTP响应拆分。

Description (English)

HotelRunner B2B is a software tool for business management and cooperation with the hotel industry at HotelRunner, Turkey. Prior to the HotelRunner B2B-04.06.2025 version, there was a security loophole, which resulted from inadequate authentication of the certificate host, which could lead to HTTP responding to splits.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

HotelRunner

Published

2025-07-22

Last Modified

2026-02-24

References

https://www.usom.gov.tr/bildirim/tr-25-0169 https://access.redhat.com/security/cve/cve-2025-4295 https://nvd.nist.gov/vuln/detail/CVE-2025-4295

Patch

https://hotelrunner.com/en/