CVE-2015-8400

Published January 12th, 2016

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.

shellinabox/shellinabox

Official-ish Fork of Shell In A Box

GitHub

3.06K