CVE-2025-41082

Name of the Vulnerable Software and Affected Versions Altitude Communication Server (affected versions not specified)

Description An issue exists in Altitude Communication Server related to the handling of HTTP requests. Inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection, specifically utilizing Content-Length headers, can lead to a desynchronization between frontend and backend servers. This desynchronization may allow for request hiding, cache poisoning, or security bypass.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.