Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-24379

WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection.

Source

Severity High

Remote Yes

Type Information disclosure

Description

WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection.

AVG-1228 yaws 2.0.7-2 High Vulnerable

https://packetstormsecurity.com/files/159106/Yaws-2.0.7-XML-Injection-Command-Injection.html
https://github.com/erlyaws/yaws/commit/05a06345012598f5da55dbb4d041c8dc26e88e6c
https://github.com/vulnbe/poc-yaws-dav-xxe
https://vuln.be/post/yaws-xxe-and-shell-injections/

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect