CVE-1999-1456

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Dec 31, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-1456 is a vulnerability affecting the thttpd HTTP server version 2.03 and earlier. Attackers can exploit this issue by making a GET request with a filename that contains more than one leading slash. This allows the attacker to read arbitrary files on the targeted system, posing a significant security risk. The vulnerability can be mitigated by upgrading to a patched version of the thttpd server or implementing appropriate access controls.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share