CVE-2025-40710
BaseFortify
Publication date: 2025-06-30
Last updated on: 2025-06-30
Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-40710 is a Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client version 12.9.2. It occurs because the VPN client improperly handles outgoing HTTP headers. When users access third-party web applications through the VPN tunnel, an attacker can forge the Host header, causing the VPN client to redirect or forward HTTP requests to unintended servers. This can lead to open redirects or sending traffic to attacker-controlled infrastructure. The vulnerability is in the VPN client itself, not in the third-party applications accessed through it. [1]
How can this vulnerability impact me?
This vulnerability can cause your HTTP requests, when using the Hotspot Shield VPN client, to be redirected or forwarded to servers controlled by an attacker instead of the intended destination. This can result in open redirects or interception of your traffic by malicious parties, potentially exposing sensitive information or enabling further attacks. However, the overall severity is low (CVSS score 2.3). [1]
What immediate steps should I take to mitigate this vulnerability?
No solution or patch has been reported at this time. As an immediate step, avoid accessing third-party web applications through the Hotspot Shield VPN client version 12.9.2 or consider disabling the VPN client until a fix is available to prevent potential exploitation of the Host Header Injection vulnerability. [1]