Arbitrary Command Execution Vulnerability in Nostromo nhttpd

Arbitrary Command Execution Vulnerability in Nostromo nhttpd

CVE-2022-48253 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used.

Learn more about our Cis Benchmark Audit For Server Software.