GHSA-476P-R2WX-2WCH Downloads Resources over HTTP in ntfserver

Affected versions of ntfserver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syst...

Downloads Resources over HTTP in ntfserver

Affected versions of ntfserver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syst...

ntfserver file download vulnerability

The ntfserver is a centralized server for collecting and displaying ntfd data. A security vulnerability exists in ntfserver that originates when a program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary file wi...

Man-in-the-Middle (MitM)

ntfserver is vulnerable to man-in-the-middle MitM attacks. It is possible because it allows downloading of binary resources via HTTP. It can also lead to remote code execution RCE if the attacker replaces the requested binary with an attacker controlled binary being on the network or positioned i...

CVE-2016-10650

ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the...

CVE-2016-10650

ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the...

Remote code execution

ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the...

CVE-2016-10650

ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on the...

CVE-2016-10650

CVE-2016-10650 affects ntfserver (Network Testing Framework Server). The vulnerability arises because ntfserver downloads binary resources over HTTP, allowing a network-positioned attacker to perform a MITM and swap the requested binary with a malicious one, potentially leading to remote code exe...

Downloads Resources over HTTP

Overview Affected versions of ntfserver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...