PT-2025-43062 · Unknown · Modelbackend
Published
2025-10-22
·
Updated
2026-04-06
·
CVE-2025-11915
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear |
Name of the Vulnerable Software and Affected Versions
versions prior to 2025-09-28
Description
A desynchronization issue exists between an HTTP proxy and the model backend. This affects communication within the model backend. Approximately 10,000 devices worldwide are potentially affected. The issue involves a disconnect between the proxy and the backend model, potentially leading to unpredictable behavior or service disruption. There are no specific API Endpoints or
variables mentioned in the provided information. The issue involves communication between the HTTP proxy and the model backend, specifically related to the modelBackend component.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
HTTP Request/Response Smuggling
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Modelbackend