CVE-2018-25169

AMPPS 2.7 Denial of Service via Malformed Socket Connection

CVSS 8.7 HIGHEPSS 0.3%CWE-1188

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.7EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

06 Mar 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected products

Ampps · AMPPS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/45850 https://www.vulncheck.com/advisories/ampps-denial-of-service-via-malformed-socket-connection