Vulnerabilities > Litespeedtech > Openlitespeed > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-40518 | Unspecified vulnerability in Litespeedtech Openlitespeed LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers. | 7.5 |
| 2022-10-27 | CVE-2022-0073 | Improper Input Validation vulnerability in Litespeedtech Openlitespeed Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. | 8.8 |
| 2022-10-27 | CVE-2022-0074 | Untrusted Search Path vulnerability in Litespeedtech Openlitespeed Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. | 8.8 |
| 2020-01-06 | CVE-2020-5519 | Improper Input Validation vulnerability in Litespeedtech Openlitespeed The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen. | 7.5 |