Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2018
CVE-2017-16102
serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-06-07
CVE-2017-16103
serveryztyzt is a simple http server. serveryztyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-06-07
CVE-2017-16104
citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-06-07
CVE-2017-16105
serverwzl is a simple http server. serverwzl is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-06-07
CVE-2017-16106
tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-06-07
CVE-2017-16107
pooledwebsocket is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-06-07
CVE-2017-16108
gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-06-07
CVE-2017-16109
easyquick is a simple web server. easyquick is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Access is constrained, however, to supported file types. Requesting a file such as /etc/passwd returns a "not supported" error.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-06-07
CVE-2017-16110
weather.swlyons is a simple web server for weather updates. weather.swlyons is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-06-07
CVE-2017-16111
The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial of service when passed a specifically crafted Content-Type or Content-Disposition header.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-06-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved