Remote Unauthenticated Heap Memory Corruption in Pablo Quick 'n Easy Web Server 3.3.8

Remote Unauthenticated Heap Memory Corruption in Pablo Quick 'n Easy Web Server 3.3.8

CVE-2019-19943 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free.

Learn more about our Web App Pen Testing.