Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
goahead webserver vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2002-1951
Buffer overflow in GoAhead WebServer 2.1 allows remote malicious users to execute arbitrary code via a long HTTP GET request with a large number of subdirectories.
Goahead Software Goahead Webserver 2.1
1 EDB exploit
755
VMScore
CVE-2002-0681
Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote malicious users to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script.
Goahead Software Goahead Webserver 2.1.5
Goahead Software Goahead Webserver 2.1.3
Goahead Software Goahead Webserver 2.1.4
Goahead Software Goahead Webserver 2.1.1
Goahead Software Goahead Webserver 2.1.2
1 EDB exploit
668
VMScore
CVE-2017-1000471
EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.
Embedthis Goahead 4.0.0
668
VMScore
CVE-2016-2148
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to have unspecified impact via vectors involving OPTION_6RD parsing.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
668
VMScore
CVE-2002-2431
Unspecified vulnerability in GoAhead WebServer prior to 2.1.4 allows remote malicious users to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c.
Goahead Goahead Webserver 2.1.2
Goahead Goahead Webserver 2.1.1
Goahead Goahead Webserver 2.1
Goahead Goahead Webserver 2.0
Goahead Goahead Webserver
641
VMScore
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 0.38
Busybox Busybox 0.46
Busybox Busybox 0.47
Busybox Busybox 0.60.1
Busybox Busybox 0.60.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.2
Busybox Busybox 1.1.3
Busybox Busybox 1.11.1
Busybox Busybox 1.11.2
Busybox Busybox 1.13.1
Busybox Busybox 1.13.2
Busybox Busybox 1.14.4
Busybox Busybox 1.15.0
Busybox Busybox 1.17.0
Busybox Busybox 1.17.1
Busybox Busybox 1.18.4
Busybox Busybox 1.18.5
Busybox Busybox 1.2.2
Busybox Busybox 1.2.2.1
605
VMScore
CVE-2011-2716
The DHCP client (udhcpc) in BusyBox prior to 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 1.18.5
Busybox Busybox 1.18.4
Busybox Busybox 1.17.2
Busybox Busybox 1.18.3
Busybox Busybox 1.18.2
Busybox Busybox 1.17.0
Busybox Busybox 1.16.2
Busybox Busybox 1.16.1
Busybox Busybox 1.14.3
Busybox Busybox 1.14.2
Busybox Busybox 1.13.0
Busybox Busybox 1.12.4
Busybox Busybox 1.11.0
Busybox Busybox 1.10.4
Busybox Busybox 1.9.0
Busybox Busybox 1.8.2
Busybox Busybox 1.6.1
Busybox Busybox 1.6.0
Busybox Busybox 1.3.0
Busybox Busybox 1.2.2.1
Busybox Busybox 1.1.0
580
VMScore
CVE-2017-16544
In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could pot...
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
505
VMScore
CVE-2007-6702
goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka rooter) VDSL device contains a password in the typepassword field, which allows remote malicious users to obtain this password by reading the HTML source, a different vulnerability than CVE-2002-1603.
Goahead Software Goahead Webserver
Goahead Software Fs4104-aw Device
1 EDB exploit
505
VMScore
CVE-2003-0169
hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools prior to 5.55 allows remote malicious users to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop.
Hp Instant Toptools 5.04
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »