CVE-2023-46586
Published
CVSS v3
9.1
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\0' termination of the path for CGI scripts because strncpy is misused.
Shares files using the HTTP protocol. Provides CLI and GUI. Allows using webdav.
GitHub