CVE-2010-2435

Weborf HTTP Server <= 0.12.1 - Denial of Service via Unicode Characters in Connection Header

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2435. PoCs published by Crash.

AI-analyzed exploit summary This exploit demonstrates a Denial-of-Service (DoS) vulnerability in Weborf HTTP Server by sending a malformed HTTP request with a unicode character in the 'Connection' header. The server crashes when processing the request due to improper handling of the unicode character.

Description

Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Crash · textdosmultiple
https://www.exploit-db.com/exploits/14012

This exploit demonstrates a Denial-of-Service (DoS) vulnerability in Weborf HTTP Server by sending a malformed HTTP request with a unicode character in the 'Connection' header. The server crashes when processing the request due to improper handling of the unicode character.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Weborf HTTP Server 0.12.1 and prior
No auth needed
Prerequisites: Network access to the target server · Weborf HTTP Server running on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511953/100/0/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40322
Release Notes x_refsource_confirm
http://freshmeat.net/projects/weborf/releases/318531
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/41064

Scores

EPSS 0.0647
EPSS Percentile 92.9%

Details

CWE
CWE-20
Status published
Products (4)
salvo_tomaselli/weborf_http_server 0.10
salvo_tomaselli/weborf_http_server 0.11
salvo_tomaselli/weborf_http_server 0.12
salvo_tomaselli/weborf_http_server < 0.12.1
Published Jun 24, 2010
Tracked Since Feb 18, 2026