CVE-2025-9648 | CivetWeb up to 1.16 HTTP POST Request mg_handle_form_request null byte or nul character

A vulnerability was found in CivetWeb up to 1.16. It has been rated as problematic. This affects the function mg_handle_form_request of the component HTTP POST Request Handler. Performing manipulation results in improper neutralization of null byte or nul character.

This vulnerability is known as CVE-2025-9648. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More