Vulnerability Description
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Triton Inference Server | < 25.07 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://nvd.nist.gov/vuln/detail/CVE-2025-23317US Government Resource
- https://nvidia.custhelp.com/app/answers/detail/a_id/5687Vendor Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-23317Third Party Advisory
FAQ
What is CVE-2025-23317?
CVE-2025-23317 is a vulnerability with a CVSS score of 9.1 (CRITICAL). NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vuln...
How severe is CVE-2025-23317?
CVE-2025-23317 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-23317?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Triton Inference Server, Linux Linux Kernel, Microsoft Windows.