GITLAB-Kr0ff/cve-2019-16278

GITLAB WORKING POC

Exploit for CVE-2019-16278 - Nostromo nhttpd <1.9.6 - RCE

AI Analysis

This repository contains a functional Python exploit for CVE-2019-16278, which targets a directory traversal vulnerability in Nostromo (nhttpd) 1.9.6, leading to remote code execution (RCE). The exploit sends a crafted HTTP POST request to traverse directories and execute arbitrary commands via `/bin/sh`.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Gitlab

Type poc

Files 2

https://gitlab.com/Kr0ff/cve-2019-16278

Stars 0

Forks 0

Authors

Kr0ff

Vulnerability

CVE-2019-16278

Nostromo nhttpd <1.9.6 - RCE

CRITICAL KEV

CVSS 9.8