admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2019-16278

Browse Source 
add CVE-2019-16278
This commit is contained in:
Goby 2023-04-21 11:25:45 +08:00 committed by GitHub
parent 296b8cd068
commit 2d3e32a4f4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2019-16278 Normal file
View File

@ -0,0 +1,12 @@
## Nostromo nhttpd RCE (CVE-2019-16278)
| **Vulnerability** | **Nostromo nhttpd RCE (CVE-2019-16278)** |
| :----: | :-----|
| **Chinese name** | Nostromo nhttpd远程代码执行漏洞CVE-2019-16278 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [(header=\"Server: nostromo\" \|\| banner=\"Server: nostromo \")](https://en.fofa.info/result?qbase64=KGhlYWRlcj0iU2VydmVyOiBub3N0cm9tbyIgfHwgYmFubmVyPSJTZXJ2ZXI6IG5vc3Ryb21vICIp) |
| **Number of assets affected** | 3737 |
| **Description** | Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request. |
| **Impact** | Nostromo nhttpd RCE (CVE-2019-16278) |
![](https://s3.bmp.ovh/imgs/2023/04/21/5cc3d5eeb458b766.gif)