CVE-2006-5216

Sergey Lyubka Simple HTTPD <1.34 - RCE

Title source: llm

Description

Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows_x86
https://www.exploit-db.com/exploits/16759
exploitdb WORKING POC VERIFIED
by SkOd · perlremotewindows
https://www.exploit-db.com/exploits/2482
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/shttpd_post.rb

References (8)

Scores

EPSS 0.8180
EPSS Percentile 99.2%

Details

Status published
Products (1)
sergey_lyubka/simple_httpd 1.34
Published Oct 10, 2006
Tracked Since Feb 18, 2026