Published: 29/10/2018 Updated: 06/12/2018

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 357

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

ACME mini_httpd prior to 1.30 lets remote users read arbitrary files.

Vulnerable Product	Search on Vulmon	Subscribe to Product
acme mini-httpd

Debian Bug report logs - #913095 CVE-2018-18778 Package: mini-httpd; Maintainer for mini-httpd is Debian QA Group <packages@qadebianorg>; Source for mini-httpd is src:mini-httpd (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Tue, 6 Nov 2018 21:21:01 UTC Severity: grave Tags: fixed-up ...

mini_httpd任意文件读取漏洞（CVE-2018-18778） Mini_httpd是一个微型的Http服务器，在占用系统资源较小的情况下可以保持一定程度的性能（约为Apache的90%），因此广泛被各类IOT（路由器，交换器，摄像头等）作为嵌入式服务器。而包括华为，zyxel，海康威视，树莓派等在内的厂商的旗下设备都曾

Goby extension doc.

Overview Goby has built-in API extension capabilities allowing goby-supported parts to be customized or enhanced This document includes following items: How to build, run, debug, test and release extensions How to use goby’s extensions and API better Guidelines and code example to help you get started quickly What can extensions do? Expand the workbench by adding

Scan CVE-2018-18778 with Python

CVE-2018-18778-Scanner Scan vulnerable versions of mini_httpd before 130 ACME mini_httpd before 130 lets remote users read arbitrary files Usage python3 CVE-2018-18778-Scannerpy <HOST>

CWE-200 http://www.acme.com/software/mini_httpd/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913095 https://nvd.nist.gov https://github.com/gobysec/GobyExtension

CVE-2018-18778

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect