Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acme mini-httpd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-17663
The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.
Acme Thttpd
Acme Mini Httpd
5
CVSSv2
CVE-2001-0893
Acme mini_httpd prior to 1.16 allows remote malicious users to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.
Acme Mini Httpd
5
CVSSv2
CVE-2015-1548
mini_httpd 1.21 and previous versions allows remote malicious users to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read.
Acme Mini Httpd
4
CVSSv2
CVE-2018-18778
ACME mini_httpd prior to 1.30 lets remote users read arbitrary files.
Acme Mini-httpd
3 Github repositories
5
CVSSv2
CVE-2009-4490
mini_httpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Acme Mini Httpd 1.19
1 EDB exploit
NA
CVE-2024-0263
A vulnerability was found in ACME Ultra Mini HTTPd 1.21. It has been classified as problematic. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has bee...
Acme Ultra Mini Httpd 1.21
5
CVSSv2
CVE-2009-4491
thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a termin...
Acme Thttpd 2.25
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started