CVE-2018-25087

Arborator Server project.cgi start denial of service

CVSS 3.5 LOWEPSS 0.9%CWE-404

Vexday Risk Score

8Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 3.5EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

06 jun 2023Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A vulnerability classified as problematic was found in Arborator Server. This vulnerability affects the function start of the file project.cgi. The manipulation of the argument project leads to denial of service. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is identified as cdbdbcbd491db65e9d697ab4365605fdfab1a604. It is recommended to apply a patch to fix this issue. VDB-230662 is the identifier assigned to this vulnerability.

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Productos afectados

Arborator · Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/Arborator/arborator-server/commit/cdbdbcbd491db65e9d697ab4365605fdfab1a604 https://vuldb.com/?ctiid.230662 https://vuldb.com/?id.230662