CVE-2024-0263
MEDIUMACME Ultra Mini HTTPd 1.21 - Denial of Service via HTTP GET Request Handler
Title source: llmDescription
A vulnerability was found in ACME Ultra Mini HTTPd 1.21. It has been classified as problematic. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-249819.
References (5)
Core 5
Core References
Permissions Required, Third Party Advisory vdb-entry
https://vuldb.com/?id.249819
Permissions Required, Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.249819
Exploit, Third Party Advisory, VDB Entry related
https://packetstormsecurity.com/files/176333/Ultra-Mini-HTTPd-1.21-Denial-Of-Service.html
Third Party Advisory exploit
https://0day.today/exploit/description/39212
Exploit media-coverage
https://www.youtube.com/watch?v=HWOGeg3e5As
Scores
CVSS v3
5.3
EPSS
0.0140
EPSS Percentile
68.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-404
Status
published
Products (1)
acme/ultra_mini_httpd
1.21
Published
Jan 07, 2024
Tracked Since
Feb 18, 2026