CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 2CVE-2020-24379 – Yaws 2.0.7 XML Injection / Command Injection
https://notcve.org/view.php?id=CVE-2020-24379
WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection. Una implementación de WebDAV en el servidor web Yaws versiones 1.81 hasta 2.0.7, es vulnerable a una inyección de tipo XXE. Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities. • https://github.com/erlyaws/yaws/commits/master https://github.com/vulnbe/poc-yaws-dav-xxe https://lists.debian.org/debian-lts-announce/2020/09/msg00022.html https://packetstormsecurity.com/files/159106/Yaws-2.0.7-XML-Injection-Command-Injection.html https://usn.ubuntu.com/4569-1 https://vuln.be/post/yaws-xxe-and-shell-injections https://www.debian.org/security/2020/dsa-4773 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 10.0EPSS: 57%CPEs: 4EXPL: 3CVE-2020-24916 – Yaws 2.0.7 XML Injection / Command Injection
https://notcve.org/view.php?id=CVE-2020-24916
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. la implementación de CGI en el servidor web Yaws. (CVE-2020-24916) Una implementación de CGI en el servidor web Yaws versiones 1.81 hasta 2.0.7, es vulnerable a una inyección de comandos del Sistema Operativo. Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities. • https://github.com/erlyaws/yaws/commits/master https://github.com/vulnbe/poc-yaws-cgi-shell-injection https://lists.debian.org/debian-lts-announce/2020/09/msg00022.html https://packetstormsecurity.com/files/159106/Yaws-2.0.7-XML-Injection-Command-Injection.html https://usn.ubuntu.com/4569-1 https://vuln.be/post/yaws-xxe-and-shell-injections https://www.debian.org/security/2020/dsa-4773 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 0CVE-2016-1000108
https://notcve.org/view.php?id=CVE-2016-1000108
yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. yaws versiones anteriores a la versión 2.0.4, no intenta abordar los conflictos de espacio de nombres de RFC sección 3875 versión 4.1.18 y, por lo tanto, no protege las aplicaciones CGI de la presencia de datos de clientes no seguros en la variable de entorno HTTP_PROXY, lo que podría permitir a atacantes remotos redireccionar el tráfico HTTP saliente de la aplicación CGI hacia un servidor proxy arbitrario por medio de un encabezado Proxy especialmente diseñado en una petición HTTP, también se conoce como un problema "httpoxy". • http://www.openwall.com/lists/oss-security/2016/07/18/6 https://github.com/klacke/yaws/commit/9d8fb070e782c95821c90d0ca7372fc6d7316c78#diff-54053c47eb173a90c26ed19bd9d106c1 https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000108.json https://security-tracker.debian.org/tracker/CVE-2016-1000108 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2CVE-2011-5025 – Yaws-Wiki 1.88-1 (Erlang) - Persistent / Reflective Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-5025
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) the index parameter to showOldPage.yaws, (3) the node parameter to allRefsToMe.yaws, or (4) the text parameter to editPage.yaws. Varias vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en la aplicación de wiki en Yaws v1.88 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de (1) el parámetro de etiqueta para editTag.yaws, (2) el parámetro de índice de showOldPage.yaws, (3) el parámetro de nodo a allRefsToMe.yaws , o (4) el parámetro de texto a editPage.yaws. • https://www.exploit-db.com/exploits/17111 https://www.exploit-db.com/exploits/36498 http://www.securityfocus.com/bid/51276 https://sitewat.ch/Advisory/View/4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •