Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
litespeedtech openlitespeed vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-0072
Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 up to and including 1.5.12, from 1.6.5 up to and including 1.6.20.1, from 1.7.0 prior to 1.7.16.1
Litespeedtech Openlitespeed
Litespeedtech Openlitespeed 1.5.12
Litespeedtech Openlitespeed 1.5.11
356
VMScore
CVE-2018-19791
The server in LiteSpeed OpenLiteSpeed prior to 1.5.0 RC6 does not correctly handle requests for byte sequences, allowing an malicious user to amplify the response size by requesting the entire response body repeatedly, as demonstrated by an HTTP Range header value beginning with ...
Litespeedtech Openlitespeed 1.5.0
Litespeedtech Openlitespeed
409
VMScore
CVE-2018-19792
The server in LiteSpeed OpenLiteSpeed prior to 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving .....
Litespeedtech Openlitespeed 1.5.0
Litespeedtech Openlitespeed
NA
CVE-2022-0073
Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions prior to 1.7.16.1.
Litespeedtech Openlitespeed
NA
CVE-2022-0074
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 prior to 1.7.16.1.
Litespeedtech Openlitespeed
446
VMScore
CVE-2015-3890
Use-after-free vulnerability in Open Litespeed prior to 1.3.10.
Litespeedtech Openlitespeed
668
VMScore
CVE-2020-5519
The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.
Litespeedtech Openlitespeed
NA
CVE-2023-40518
LiteSpeed OpenLiteSpeed prior to 1.7.18 does not strictly validate HTTP request headers.
Litespeedtech Openlitespeed
1 Github repository
801
VMScore
CVE-2021-26758
Privilege Escalation in LiteSpeed Technologies OpenLiteSpeed web server version 1.7.8 allows malicious users to gain root terminal access and execute commands on the host system.
Litespeedtech Openlitespeed 1.7.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started