CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3187
https://notcve.org/view.php?id=CVE-2024-3187
17 Oct 2024 — This issue tracks two CWE-416 Use After Free (UAF) and one CWE-415 Double Free vulnerabilities in Goahead versions <= 6.0.0. These are caused by JST values not being nulled when freed during parsing of JST templates. If the ME_GOAHEAD_JAVASCRIPT flag is enabled, a remote attacker with the privileges to modify JavaScript template (JST) files could exploit this by providing malicious templates. This may lead to memory corruption, potentially causing a Denial of Service (DoS) or, in rare cases, code execution,... • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3187 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3186
https://notcve.org/view.php?id=CVE-2024-3186
17 Oct 2024 — CWE-476 NULL Pointer Dereference vulnerability in the evalExpr() function of GoAhead Web Server (version <= 6.0.0) when compiled with the ME_GOAHEAD_JAVASCRIPT flag. This vulnerability allows a remote attacker with the privileges to modify JavaScript template (JST) files to trigger a crash and cause a Denial of Service (DoS) by providing malicious templates. Vulnerabilidad de desreferencia de puntero nulo CWE-476 en la función evalExpr() de GoAhead Web Server (versión <= 6.0.0) cuando se compila con el i... • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3186 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3184
https://notcve.org/view.php?id=CVE-2024-3184
17 Oct 2024 — Multiple CWE-476 NULL Pointer Dereference vulnerabilities were found in GoAhead Web Server up to version 6.0.0 when compiled with the ME_GOAHEAD_REPLACE_MALLOC flag. Without a memory notifier for allocation failures, remote attackers can exploit these vulnerabilities by sending malicious requests, leading to a crash and Denial of Service (DoS). Se encontraron múltiples vulnerabilidades de desreferencia de puntero nulo CWE-476 en GoAhead Web Server hasta la versión 6.0.0 cuando se compilaba con el indicador ... • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3184 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41615
https://notcve.org/view.php?id=CVE-2021-41615
08 Aug 2022 — websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 (or RFC 2617 section 3.2.1). NOTE: 2.1.8 is a version from 2003; however, the affected websda.c code appears in multiple derivative works that may be used in 2021. Recent GoAhead software is unaffected. El archivo websda.c en GoAhead WebServer versió... • https://devel.rtems.org/browser/rtems/cpukit/httpd/websda.c?rev=c1427d2758079f0e9dd6a8de1662d78e0d6bc4ca • CWE-331: Insufficient Entropy •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43298
https://notcve.org/view.php?id=CVE-2021-43298
25 Jan 2022 — The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has no rate-limiting. This means that an unauthenticated network attacker can brute-force the HTTP basic password, byte-by-byte, by recording the webserver's response time until the unauthorized (401) response. El código que lleva a cabo la coincidencia de contraseñas cuando es usada la autenticación HTTP "Basic" no usa un memcmp de tiempo constante y no presenta limitación de velocidad. E... • https://github.com/embedthis/goahead/issues/304 • CWE-208: Observable Timing Discrepancy CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 9.8EPSS: 82%CPEs: 2EXPL: 3CVE-2021-42342
https://notcve.org/view.php?id=CVE-2021-42342
14 Oct 2021 — An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts. Se ha detectado un problema en GoAhead versiones 4.x y 5.x anteriores a 5.1.5. En el filtro de carga de archivos, las variables de formulario del usuario pueden pasarse a scripts CGI sin que se les anteponga el prefijo CGI. • https://github.com/Mr-xn/CVE-2021-42342 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2020-15688 – EmbedThis GoAhead Web Server 5.1.1 Digest Authentication Capture Replay Nonce Reuse
https://notcve.org/view.php?id=CVE-2020-15688
23 Jul 2020 — The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via capture-replay if TLS is not used to protect the underlying communication channel. La autenticación de HTTP Digest en el servidor web de GoAhead versiones anteriores a 5.1.2 no protege completamente contra los ataques de repetición. Esto permite a un atacante remoto no autenticado eludir la autenticación a través... • https://packetstorm.news/files/id/159505 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 9.8EPSS: 77%CPEs: 3EXPL: 2CVE-2019-5096
https://notcve.org/view.php?id=CVE-2019-5096
03 Dec 2019 — An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource to exist on t... • https://github.com/ianxtianxt/CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit • CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-2019-5097
https://notcve.org/view.php?id=CVE-2019-5097
03 Dec 2019 — A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated in the form of GET or POST requests and does not require the requested resource to exist on the server. Se presenta una vulnerabilidad de denegación de servicio en el procesamiento de peticiones datos de formulario multipart... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0889 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19240
https://notcve.org/view.php?id=CVE-2019-19240
22 Nov 2019 — Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response. Incruste GoAhead versiones anteriores a 5.0.1, maneja inapropiadamente las peticiones HTTP redireccionadas con un encabezado Host grande. GoAhead WebsRedirect utiliza un búfer de host estáti... • https://github.com/embedthis/goahead/issues/289 • CWE-787: Out-of-bounds Write CWE-908: Use of Uninitialized Resource •