CVE-2008-6938

Pi3Web < 2.0.3_pl1 - Denial of Service via ISAPI Directory File Request

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-6938. PoCs published by Hamid Ebadi, including Metasploit module auxiliary/dos/windows/http/pi3web_isapi.

Description

Pi3Web 2.0.3 before PL2, when installed on Windows as a desktop application and without using the Pi3Web/Conf/Intenet.pi3, allows remote attackers to cause a denial of service (crash or hang) and obtain the full pathname of the server via a request to a file in the ISAPI directory that is not an executable DLL, which triggers the crash when the DLL load fails, as demonstrated using Isapi\users.txt.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Hamid Ebadi · text · dos · windows
https://www.exploit-db.com/exploits/7109

This is a writeup describing a DoS vulnerability in Pi3Web <=2.0.3 caused by insufficient checks on ISAPI module requests. The server crashes when attempting to load a non-DLL file (e.g., users.txt) as a DLL.

Classification: Writeup 100%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Pi3Web <=2.0.3
No auth needed
Prerequisites: Access to the Pi3Web server · Ability to send HTTP requests to the ISAPI directory
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC
ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/http/pi3web_isapi.rb

This Metasploit module exploits a DoS vulnerability in Pi3Web HTTP server by sending a request for an invalid DLL file in the /isapi directory, causing the service to crash.

Classification: Working PoC 100%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Pi3Web HTTP server versions 2.0.13 and earlier
No auth needed
Prerequisites: Network access to the Pi3Web HTTP server
devstral-2 · analyzed Feb 16, 2026

References (12)

Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498771
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/49999
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32287
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498575
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498770
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498602
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2008-11/0171.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32696
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46600
Exploit vdb-entry x_refsource_osvdb
http://www.osvdb.org/49998
Exploit mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498865
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7109

Scores

EPSS 0.7369
EPSS Percentile 98.8%

Details

CWE CWE-20
Status published
Products (5)
holger_zimmermann/pi3web 1.0.1
holger_zimmermann/pi3web 2.0
holger_zimmermann/pi3web 2.0.1
holger_zimmermann/pi3web 2.0.2_beta_1
holger_zimmermann/pi3web < 2.0.3_pl1
Published Aug 11, 2009
Tracked Since Feb 18, 2026