Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (.) or (2) trailing space in an HTTP request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mbedthis_appweb_http_server | Mbedthis_software | 1.0 (including) | 1.0 (including) |
Mbedthis_appweb_http_server | Mbedthis_software | 1.0.1 (including) | 1.0.1 (including) |
Mbedthis_appweb_http_server | Mbedthis_software | 1.0.2 (including) | 1.0.2 (including) |
Mbedthis_appweb_http_server | Mbedthis_software | 1.0.3 (including) | 1.0.3 (including) |
Mbedthis_appweb_http_server | Mbedthis_software | 1.0.4 (including) | 1.0.4 (including) |
Mbedthis_appweb_http_server | Mbedthis_software | 1.1 (including) | 1.1 (including) |
Mbedthis_appweb_http_server | Mbedthis_software | 1.1.1 (including) | 1.1.1 (including) |
Mbedthis_appweb_http_server | Mbedthis_software | 1.1.2 (including) | 1.1.2 (including) |