CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43298
https://notcve.org/view.php?id=CVE-2021-43298
The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has no rate-limiting. This means that an unauthenticated network attacker can brute-force the HTTP basic password, byte-by-byte, by recording the webserver's response time until the unauthorized (401) response. El código que lleva a cabo la coincidencia de contraseñas cuando es usada la autenticación HTTP "Basic" no usa un memcmp de tiempo constante y no presenta limitación de velocidad. Esto significa que un atacante de red no autenticado puede forzar la contraseña básica HTTP, byte a byte, registrando el tiempo de respuesta del servidor web hasta la respuesta no autorizada (401) • https://github.com/embedthis/goahead/issues/304 • CWE-208: Observable Timing Discrepancy CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 1CVE-2020-15688 – EmbedThis GoAhead Web Server 5.1.1 Digest Authentication Capture Replay Nonce Reuse
https://notcve.org/view.php?id=CVE-2020-15688
The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. This allows an unauthenticated remote attacker to bypass authentication via capture-replay if TLS is not used to protect the underlying communication channel. La autenticación de HTTP Digest en el servidor web de GoAhead versiones anteriores a 5.1.2 no protege completamente contra los ataques de repetición. Esto permite a un atacante remoto no autenticado eludir la autenticación a través de la captura-reproducción si no se utiliza el TLS para proteger el canal de comunicación subyacente A security vulnerability affecting GoAhead versions 2 to 5 has been identified when using Digest authentication over HTTP. The HTTP Digest Authentication in the GoAhead web server does not completely protect against replay attacks. • http://packetstormsecurity.com/files/159505/EmbedThis-GoAhead-Web-Server-5.1.1-Digest-Authentication-Capture-Replay-Nonce-Reuse.html https://github.com/embedthis/goahead-gpl/issues/3 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19240
https://notcve.org/view.php?id=CVE-2019-19240
Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak uninitialized data in a response. Incruste GoAhead versiones anteriores a 5.0.1, maneja inapropiadamente las peticiones HTTP redireccionadas con un encabezado Host grande. GoAhead WebsRedirect utiliza un búfer de host estático que posee una longitud limitada y puede desbordarse. • https://github.com/embedthis/goahead/issues/289 https://github.com/embedthis/goahead/issues/290 https://github.com/embedthis/goahead/releases/tag/v5.0.1 • CWE-787: Out-of-bounds Write CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 17%CPEs: 2EXPL: 0CVE-2019-12822
https://notcve.org/view.php?id=CVE-2019-12822
In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself. En el archivo http.c en Embedthis GoAhead anterior a versión 4.1.1 y versión 5.x anterior a la 5.0.1, una vulnerabilidad en el análisis de encabezado provoca una aserción de memoria, una referencia de memoria fuera de límites y un potencial DoS, como fue demostrado por dos puntos en una línea por sí misma. • https://github.com/embedthis/goahead/compare/5349710...579f21f https://github.com/embedthis/goahead/issues/285 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 7.5EPSS: 0%CPEs: 459EXPL: 2CVE-2018-15504
https://notcve.org/view.php?id=CVE-2018-15504
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11. Se ha descubierto un problema en Embedthis GoAhead en versiones anteriores a la 4.0.1 y Appweb anteriores a la 7.0.2. El servidor maneja incorrectamente algunos campos request HTTP asociados con time, lo que resulta en una desreferencia de puntero NULL, tal y como queda demostrado con If-Modified-Since o If-Unmodified-Since con mes mayor a 11. • https://github.com/embedthis/appweb/commit/66067ae6d1fa08b37a270e7dc1821df52ed2daef https://github.com/embedthis/appweb/issues/605 https://github.com/embedthis/goahead/issues/264 https://supportportal.juniper.net/s/article/2019-07-Security-Bulletin-Junos-OS-J-Web-Denial-of-Service-due-to-multiple-vulnerabilities-in-Embedthis-Appweb-Server https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved • CWE-476: NULL Pointer Dereference •