CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-16278

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score62.5690%
EPSS Percentile98.14th
Published2019年10月14日
Last Modified2025年11月6日

Vulnerability Description

Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.

Affected Platforms (CPE)

📦
Nazgul

Nostromo Nhttpd

< 1.9.7

References & Advisories

🔗 http://packetstormsecurity.com/files/155045/Nostromo-1.9.6-Directory-Traversal-Remote-Command-Execution.html
🔗 http://packetstormsecurity.com/files/155802/nostromo-1.9.6-Remote-Code-Execution.html
🔗 http://www.nazgul.ch/dev/nostromo_cl.txt
🔗 https://git.sp0re.sh/sp0re/Nhttpd-exploits
🔗 https://sp0re.sh
🔗 http://packetstormsecurity.com/files/155045/Nostromo-1.9.6-Directory-Traversal-Remote-Command-Execution.html
🔗 http://packetstormsecurity.com/files/155802/nostromo-1.9.6-Remote-Code-Execution.html
🔗 http://www.nazgul.ch/dev/nostromo_cl.txt

相关漏洞威胁

CVE-2019-162797.5

A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a...

CVE-2011-07517.5

Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary pro...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...