nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used.
Max CVSS
9.8
EPSS Score
0.19%
Published
2023-01-11
Updated
2023-01-20
Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI.
Max CVSS
7.5
EPSS Score
1.14%
Published
2011-03-16
Updated
2018-10-09
2 vulnerabilities found