all InfoSec news
VU#495801: muhttpd versions 1.1.5 and earlier are vulnerable to path traversal
Aug. 4, 2022, 6:22 p.m. |
CERT Recently Published Vulnerability Notes kb.cert.org
Overview
Versions 1.1.5 and earlier of the mu HTTP deamon (muhttpd) are vulnerable to path traversal via crafted HTTP request from an unauthenticated user. This vulnerability can allow unauthenticated users to download arbitrary files and collect private information on the target device.
Description
The muhttpd, hosted at SourceForge as an opensource project, is a lightweight webserver. This software is commonly used in customer premise equipment (CPE), such as home routers and small office routers, to provide device management capability through …
More from kb.cert.org / CERT Recently Published Vulnerability Notes
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Level 1 SOC Analyst
@ Telefonica Tech | Dublin, Ireland
Specialist, Database Security
@ OP Financial Group | Helsinki, FI
Senior Manager, Cyber Offensive Security
@ Edwards Lifesciences | Poland-Remote
Information System Security Officer
@ Booz Allen Hamilton | USA, AL, Huntsville (4200 Rideout Rd SW)
Senior Security Analyst - Protective Security (Open to remote across ANZ)
@ Canva | Sydney, Australia