Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K (AES) encryption key. An attacker with physical access to the application's source code or binary can extract this key & use it decrypt the TLS secret.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SFedir Tsapana Simple HTTP Server PLUS 安全漏洞
Vulnerability Description
Fedir Tsapana Simple HTTP Server PLUS是Fedir Tsapana公司的一个允许您运行具有静态内容的小型本地 HTTP 服务器的应用程序。 Fedir Tsapana Simple HTTP Server PLUS 1.8.1-plus及之前版本存在安全漏洞,该漏洞源于应用程序包含硬编码的 AES 加密密钥,攻击者利用该漏洞可以在知道加密密钥后,在传输过程中拦截并可能修改数据。
CVSS Information
N/A
Vulnerability Type
N/A