Cisco Talos researchers have identified two vulnerabilities in the GoAhead embedded web server, including a critical flaw that can be exploited for remote code execution.
Developed by EmbedThis, GoAhead is advertised as the “world’s most popular tiny embedded web server.” Both open source and enterprise versions are available and the vendor says GoAhead is present in hundreds of millions of devices. A Shodan search for GoAhead currently shows over 1.3 million internet-connected systems.
The critical GoAhead vulnerability discovered by Talos is related to how multi-part/form-data requests are processed. An unauthenticated attacker can exploit this weakness to trigger a use-after-free condition and execute arbitrary code on the server by sending specially crafted HTTP requests.
The security hole is tracked as CVE-2019-5096 and it has been assigned a CVSS score of 9.8.
The second flaw identified by Talos researchers in the GoAhead web server is CVE-2019-5097, which can be exploited by an unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted HTTP requests.
Malicious requests can cause the DoS condition by triggering an infinite loop in the process, Talos said. This issue is considered only “medium” in terms of severity.
Talos has reproduced the vulnerabilities on versions 5.0.1, 4.1.1 and 3.6.5. The company reported its findings to EmbedThis in late August and the vendor released patches for both security holes on November 21.
Cisco has published advisories, including technical information, for both vulnerabilities.
Despite being very popular, not many vulnerabilities have been found in GoAhead in the past few years. A DoS flaw was disclosed earlier this year and a potentially serious remote code execution vulnerability — the weakness could be triggered only in special conditions — was made public in late 2017.
Related: ProFTPD Vulnerability Can Expose Servers to Attacks
Related: Critical Remote Code Execution Vulnerability Patched in Exim Email Server
Related: Hackers Target Recent Vulnerability in Exim Mail Server
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Google Patches Third Chrome Zero-Day of 2023
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
