CVE-2025-47424
7.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C
Summary
Retool (self-hosted) before 3.196.0 allows Host header injection. When the BASE_DOMAIN environment variable is not set, the HTTP host header can be manipulated.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Retool | Retool | 3.18.1 <= 3.18.23 | affected |
| Retool | Retool | 3.20.1 <= 3.20.18 | affected |
| Retool | Retool | 3.22.1 <= 3.22.21 | affected |
| Retool | Retool | 3.24.1 <= 3.24.22 | affected |
| Retool | Retool | 3.26.4 <= 3.26.14 | affected |
| Retool | Retool | 3.28.3 <= 3.28.15 | affected |
| Retool | Retool | 3.30.1 <= 3.30.15 | affected |
| Retool | Retool | 3.32.1 <= 3.32.12 | affected |
| Retool | Retool | 3.33.1-stable <= 3.33.37-stable | affected |
| Retool | Retool | 3.52.1-stable <= 3.52.28-stable | affected |
| Retool | Retool | 3.75.1-stable <= 3.75.25-stable | affected |
| Retool | Retool | 3.114.1-stable <= 3.114.22-stable | affected |
| Retool | Retool | 3.148.1-stable <= 3.148.22-stable | affected |
Weaknesses
- CWE-348: CWE-348 Use of Less Trusted Source
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.