Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
litespeedtech openlitespeed vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv3
CVE-2022-0072
Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 up to and including 1.5.12, from 1.6.5 up to and including 1.6.20.1, from 1.7.0 prior to 1.7.16.1
Litespeedtech Openlitespeed
Litespeedtech Openlitespeed 1.5.12
Litespeedtech Openlitespeed 1.5.11
6.5
CVSSv3
CVE-2018-19791
The server in LiteSpeed OpenLiteSpeed prior to 1.5.0 RC6 does not correctly handle requests for byte sequences, allowing an malicious user to amplify the response size by requesting the entire response body repeatedly, as demonstrated by an HTTP Range header value beginning with ...
Litespeedtech Openlitespeed
Litespeedtech Openlitespeed 1.5.0
6.7
CVSSv3
CVE-2018-19792
The server in LiteSpeed OpenLiteSpeed prior to 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving .....
Litespeedtech Openlitespeed 1.5.0
Litespeedtech Openlitespeed
9.8
CVSSv3
CVE-2020-5519
The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.
Litespeedtech Openlitespeed
7.5
CVSSv3
CVE-2023-40518
LiteSpeed OpenLiteSpeed prior to 1.7.18 does not strictly validate HTTP request headers.
Litespeedtech Openlitespeed
1 Github repository
7.5
CVSSv3
CVE-2015-3890
Use-after-free vulnerability in Open Litespeed prior to 1.3.10.
Litespeedtech Openlitespeed
8.8
CVSSv3
CVE-2022-0073
Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions prior to 1.7.16.1.
Litespeedtech Openlitespeed
8.8
CVSSv3
CVE-2022-0074
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 prior to 1.7.16.1.
Litespeedtech Openlitespeed
8.8
CVSSv3
CVE-2021-26758
Privilege Escalation in LiteSpeed Technologies OpenLiteSpeed web server version 1.7.8 allows malicious users to gain root terminal access and execute commands on the host system.
Litespeedtech Openlitespeed 1.7.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started