![]() ![]() Mitigations Official UpgradeĪt present, the vulnerability has been fixed in the latest 5.1.0 version. Use the following command to view the Gohead Web Server version currently used. In the case of authentication, it is sent as GET or POST, and the requested resource is not required on the target server. An attacker constructing a malicious HTTP request may cause the server process to enter an infinite loop. CVE-2019-5097: Some versions of GoAhead Web Server have a denial of service vulnerability when processing multipart / form-data requests. It is a Web server tailored for embedded real-time operating systems (RTOS) and can run on multiple platforms.ĬVE-2019-5096: Some versions of GoAhead Web Server have a remote code execution vulnerability when processing multipart / form-data requests. GoAhead is an open source, simple, lightweight, and powerful embedded Web Server. On December 2, 2019, Cisco Talos publicly released reports of a remote code execution vulnerability (CVE-2019-5096) and a denial of service vulnerability (CVE-2019-5097) for the GoAhead web server.
0 Comments
Leave a Reply. |