CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3187
https://notcve.org/view.php?id=CVE-2024-3187
17 Oct 2024 — This issue tracks two CWE-416 Use After Free (UAF) and one CWE-415 Double Free vulnerabilities in Goahead versions <= 6.0.0. These are caused by JST values not being nulled when freed during parsing of JST templates. If the ME_GOAHEAD_JAVASCRIPT flag is enabled, a remote attacker with the privileges to modify JavaScript template (JST) files could exploit this by providing malicious templates. This may lead to memory corruption, potentially causing a Denial of Service (DoS) or, in rare cases, code execution,... • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3187 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3186
https://notcve.org/view.php?id=CVE-2024-3186
17 Oct 2024 — CWE-476 NULL Pointer Dereference vulnerability in the evalExpr() function of GoAhead Web Server (version <= 6.0.0) when compiled with the ME_GOAHEAD_JAVASCRIPT flag. This vulnerability allows a remote attacker with the privileges to modify JavaScript template (JST) files to trigger a crash and cause a Denial of Service (DoS) by providing malicious templates. Vulnerabilidad de desreferencia de puntero nulo CWE-476 en la función evalExpr() de GoAhead Web Server (versión <= 6.0.0) cuando se compila con el i... • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3186 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3184
https://notcve.org/view.php?id=CVE-2024-3184
17 Oct 2024 — Multiple CWE-476 NULL Pointer Dereference vulnerabilities were found in GoAhead Web Server up to version 6.0.0 when compiled with the ME_GOAHEAD_REPLACE_MALLOC flag. Without a memory notifier for allocation failures, remote attackers can exploit these vulnerabilities by sending malicious requests, leading to a crash and Denial of Service (DoS). Se encontraron múltiples vulnerabilidades de desreferencia de puntero nulo CWE-476 en GoAhead Web Server hasta la versión 6.0.0 cuando se compilaba con el indicador ... • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3184 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41615
https://notcve.org/view.php?id=CVE-2021-41615
08 Aug 2022 — websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 (or RFC 2617 section 3.2.1). NOTE: 2.1.8 is a version from 2003; however, the affected websda.c code appears in multiple derivative works that may be used in 2021. Recent GoAhead software is unaffected. El archivo websda.c en GoAhead WebServer versió... • https://devel.rtems.org/browser/rtems/cpukit/httpd/websda.c?rev=c1427d2758079f0e9dd6a8de1662d78e0d6bc4ca • CWE-331: Insufficient Entropy •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-33254
https://notcve.org/view.php?id=CVE-2021-33254
01 Jun 2022 — An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function. Se ha detectado un problema en el archivo src/http/httpLib.c en EmbedThis Appweb Community Edition 8.2.1, que permite a atacantes causar una denegación de servicio por medio del parámetro stream de la función parseUri • https://awxylitol.github.io/2021/05/09/embedthis-appweb-npd-bug.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43298
https://notcve.org/view.php?id=CVE-2021-43298
25 Jan 2022 — The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has no rate-limiting. This means that an unauthenticated network attacker can brute-force the HTTP basic password, byte-by-byte, by recording the webserver's response time until the unauthorized (401) response. El código que lleva a cabo la coincidencia de contraseñas cuando es usada la autenticación HTTP "Basic" no usa un memcmp de tiempo constante y no presenta limitación de velocidad. E... • https://github.com/embedthis/goahead/issues/304 • CWE-208: Observable Timing Discrepancy CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 9.8EPSS: 82%CPEs: 2EXPL: 3CVE-2021-42342
https://notcve.org/view.php?id=CVE-2021-42342
14 Oct 2021 — An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts. Se ha detectado un problema en GoAhead versiones 4.x y 5.x anteriores a 5.1.5. En el filtro de carga de archivos, las variables de formulario del usuario pueden pasarse a scripts CGI sin que se les anteponga el prefijo CGI. • https://github.com/Mr-xn/CVE-2021-42342 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2020-15688 – EmbedThis GoAhead Web Server 5.1.1 Digest Authentication Capture Replay Nonce Reuse
https://notcve.org/view.php?id=CVE-2020-15688
23 Jul 2020 — The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via capture-replay if TLS is not used to protect the underlying communication channel. La autenticación de HTTP Digest en el servidor web de GoAhead versiones anteriores a 5.1.2 no protege completamente contra los ataques de repetición. Esto permite a un atacante remoto no autenticado eludir la autenticación a través... • https://packetstorm.news/files/id/159505 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-15689
https://notcve.org/view.php?id=CVE-2020-15689
13 Jul 2020 — Appweb before 7.2.2 and 8.x before 8.1.0, when built with CGI support, mishandles an HTTP request with a Range header that lacks an exact range. This may result in a NULL pointer dereference and cause a denial of service. Appweb versiones anteriores a 7.2.2 y versiones 8.x anteriores a 8.1.0, cuando se construye con soporte CGI, maneja inapropiadamente una petición HTTP con un encabezado Range que carece de un rango exacto. Esto puede resultar en una desreferencia del puntero NULL y causar una denegación de... • https://github.com/embedthis/appweb-gpl/issues/2 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 77%CPEs: 3EXPL: 2CVE-2019-5096
https://notcve.org/view.php?id=CVE-2019-5096
03 Dec 2019 — An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource to exist on t... • https://github.com/ianxtianxt/CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit • CWE-416: Use After Free •