NOMISEC-alexander-fernandes/CVE-2019-16278

NOMISEC WORKING POC
Exploit for CVE-2019-16278 - Nostromo nhttpd <1.9.6 - RCE
AI Analysis

This repository contains a functional Python exploit for CVE-2019-16278, which leverages a directory traversal vulnerability in Nostromo nhttpd 1.9.6 to achieve unauthenticated remote code execution via a crafted HTTP POST request.

Attack Type
RCE
Complexity
trivial
Reliability
reliable
MITRE ATT&CK
T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter
Loading exploit code...
Download ZIP Password: eip
Source
Platform Nomisec
Type remote
Files 2
Stars 0
Forks 1
Last Push Mar 24, 2022
Authors
alexander-fernandes Alexander Fernandes
Vulnerability
CVE-2019-16278
Nostromo nhttpd <1.9.6 - RCE
CRITICAL KEV
CVSS 9.8