Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Format string vulnerability in the MprLogToFile::logEvent function in Mbedthis AppWeb 2.0.5-4, when the build supports logging but the configuration disables logging, allows remote attackers to cause a denial of service (daemon crash) via format string specifiers in the HTTP scheme, as demonstrated by a "GET %n://localhost:80/" request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mbedthis AppWeb URL协议格式串处理漏洞
Vulnerability Description
Mbedthis Software AppWeb是一款HTTP服务程序。 AppWeb在处理URL的协议部分时存在格式串错误,远程攻击者可能利用此漏洞导致拒绝服务。 在MprLogToFile::logEvent()函数中,如果没有定义实际的文件描述符,就会将一些错误记录到STDERR,执行以下调用: ======= start code ============ if (logFd < 0 & & level <= 1) { // // Always output fatal and error mes
CVSS Information
N/A
Vulnerability Type
N/A