From 2d3e32a4f441a2c92b9b61a5889c2df527168753 Mon Sep 17 00:00:00 2001
From: Goby <50955360+gobysec@users.noreply.github.com>
Date: Fri, 21 Apr 2023 11:25:45 +0800
Subject: [PATCH] Create CVE-2019-16278

add CVE-2019-16278
---
 CVE-2019-16278 | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 CVE-2019-16278

diff --git a/CVE-2019-16278 b/CVE-2019-16278
new file mode 100644
index 0000000..ba0b180
--- /dev/null
+++ b/CVE-2019-16278
@@ -0,0 +1,12 @@
+## Nostromo nhttpd RCE (CVE-2019-16278)
+
+|   **Vulnerability**  | **Nostromo nhttpd RCE (CVE-2019-16278)**  |
+| :----:   | :-----|
+|  **Chinese name**  | Nostromo nhttpd远程代码执行漏洞（CVE-2019-16278） |
+| **CVSS core**  | 9.8 |
+| **FOFA Query**  (click to view the results directly)| [(header=\"Server: nostromo\" \|\| banner=\"Server: nostromo \")](https://en.fofa.info/result?qbase64=KGhlYWRlcj0iU2VydmVyOiBub3N0cm9tbyIgfHwgYmFubmVyPSJTZXJ2ZXI6IG5vc3Ryb21vICIp) |
+| **Number of assets affected**  | 3737 |
+| **Description**  | Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request. |
+| **Impact** | Nostromo nhttpd RCE (CVE-2019-16278) |
+
+![](https://s3.bmp.ovh/imgs/2023/04/21/5cc3d5eeb458b766.gif)