Lucene search
HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-4535
cve-2009-4535
mongoose
web security
remote code disclosure
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.03 Low
EPSS
Percentile
90.9%
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / (slash) character to the URI.
Affected configurations
Node
valenokmongooseRange≤2.8.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| valenok:mongoose | valenok mongoose | le | 2.8.0 |
Related
prion
prion
Code injection
2009-12-31 19:30:00
cvelist
cvelist
CVE-2009-4535
2022-10-03 16:24:02
openvas
openvas
Mongoose Slash Character Remote File Disclosure Vulnerability
2010-08-02 00:00:00
Mongoose Web Server Source Code Disclosure Vulnerability
2010-01-09 00:00:00
nessus
nessus
Mongoose URI Trailing Slash Request Source Code Disclosure
2010-07-30 00:00:00
nvd
nvd
CVE-2009-4535
2009-12-31 19:30:00
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.03 Low
EPSS
Percentile
90.9%
Related for CVE-2009-4535