VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because there is no error handler (for get_uri_args or get_post_args) to block the API misuse described in CVE-2018-9230.
References
Link | Resource |
---|---|
https://github.com/alexazhou/VeryNginx/issues/218 | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-12-10 00:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-19991
Mitre link : CVE-2018-19991
CVE.ORG link : CVE-2018-19991
JSON object : View
Products Affected
verynginx_project
- verynginx
CWE
CWE-755
Improper Handling of Exceptional Conditions