Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote malicious users to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 9.0 |
||
debian debian linux 8.0 |
||
openocd open on-chip debugger 0.10.0 |