Description

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\0' termination of the path for CGI scripts because strncpy is misused.

INFO

Published Date :

2024-10-09T00:00:00.000Z

Last Modified :

2025-03-19T14:33:22.360Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2023-46586 vulnerability.

Vendors Products
Weborf Project
  • Weborf
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-46586.

URL Resource
https://github.com/ltworf/weborf/commit/49824204add55aab0568d90a6b1e7c822d32120d cve-icon cve-icon
https://github.com/ltworf/weborf/commit/6f83c3e9ceed8b0d93608fd5d42b53c081057991 cve-icon cve-icon
https://github.com/ltworf/weborf/pull/88 cve-icon cve-icon
https://github.com/ltworf/weborf/pull/88/commits/7057d254b734dfc9cfb58983f901aa6ec3c94fd4 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact