NULL Pointer Dereference in GoAhead's websDecodeUrl Function

NULL Pointer Dereference in GoAhead's websDecodeUrl Function

CVE-2017-14149 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

GoAhead 3.4.0 through 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request.

Learn more about our Web App Pen Testing.