CVE-2025-0167

moderate-risk

Published 2025-02-05

When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.

Do I need to act?

0.33% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.4/10 Low

NETWORK / HIGH complexity

Affected Products (16)

Curl

Element Software

Ontap

Ontap Select Deploy Administration Utility

Ontap Tools

Solidfire \& Hci Management Node

Solidfire \& Hci Storage Node

Bootstrap Os

H300S Firmware

H410C Firmware

H410S Firmware

H500S Firmware

H610C Firmware

H610S Firmware

H615C Firmware

H700S Firmware

Affected Vendors

Haxx Netapp

References (5)

Vendor Advisory https://curl.se/docs/CVE-2025-0167.html

Vendor Advisory https://curl.se/docs/CVE-2025-0167.json

Exploit https://hackerone.com/reports/2917232

Third Party Advisory https://security.netapp.com/advisory/ntap-20250306-0008/

Vendor Advisory https://curl.se/docs/CVE-2025-0167.html

/ 100

moderate-risk

Severity 12/34 · Low

Exploitability 1/34 · Minimal

Exposure 18/34 · Moderate