NOMISEC-NHPT/CVE-2019-16278

NOMISEC WORKING POC

Exploit for CVE-2019-16278 - Nostromo nhttpd <1.9.6 - RCE

AI Analysis

This repository contains a functional Python exploit for CVE-2019-16278, a path traversal vulnerability in Nostromo web server <= 1.9.6 that allows remote command execution via crafted HTTP requests with %0d bypass.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 2

https://github.com/NHPT/CVE-2019-16278

Stars 0

Forks 1

Last Push Jan 01, 2020

Authors

NHPT

Vulnerability

CVE-2019-16278

Nostromo nhttpd <1.9.6 - RCE

CRITICAL KEV

CVSS 9.8