Vulnerabilities > CVE-2020-15689 - NULL Pointer Dereference vulnerability in Embedthis Appweb

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
embedthis
CWE-476

Summary

Appweb before 7.2.2 and 8.x before 8.1.0, when built with CGI support, mishandles an HTTP request with a Range header that lacks an exact range. This may result in a NULL pointer dereference and cause a denial of service.

Vulnerable Configurations

Part Description Count
Application
Embedthis
67

Common Weakness Enumeration (CWE)