How to fix EUVD-2025-199947?

Within 24 hours: Identify all systems running MediaCrush 1.0.0/1.0.1 and assess exposure. Within 7 days: Implement WAF rules to block suspicious Host header values and monitor for exploitation attempts. Within 30 days: Upgrade to a patched version when available, or evaluate alternative media handling solutions if no patch timeline is provided by the vendor.

EUVD-2025-199947

| CVE-2025-13803 HIGH

2025-12-01 [email protected]

Information Disclosure

7.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 15, 2026 - 13:34 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 13:34 euvd

EUVD-2025-199947

CVE Published

Dec 01, 2025 - 03:15 nvd

HIGH 7.3

DescriptionNVD

A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be launched remotely.

AnalysisAI

A security vulnerability in A vulnerability (CVSS 7.3). High severity vulnerability requiring prompt remediation.

Technical ContextAI

Vulnerability type not specified by vendor. CVSS 7.3 indicates high severity. Affects A vulnerability.

RemediationAI

Monitor vendor channels for patch availability.

EUVD-2025-199947 vulnerability details – vuln.today

Back

EUVD-2025-199947

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code