Skip to main content

Shellinabox

1 CVEs product

Monthly

CVE-2015-8400 HIGH PATCH This Week

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Fedora Shellinabox
NVD GitHub
CVSS 3.0
7.4
EPSS
0.6%
EPSS 1% CVSS 7.4
HIGH PATCH This Week

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Fedora Shellinabox
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy