← back
CVE-2018-8715

CVE-2018-8715

EPSS 19.9%
The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://blogs.securiteam.com/index.php/archives/3676https://github.com/embedthis/appweb/issues/610https://security.paloaltonetworks.com/CVE-2018-8715