Vulnerability Database

296,138

Total vulnerabilities in the database

CVE-2015-8212

CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.

Published: Jan 19, 2017
Updated: Apr 13, 2023
CVE: CVE-2015-8212
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
netbsd / netbsd	6.1.1	6.1.1.x
netbsd / netbsd	6.1.3	6.1.3.x
netbsd / netbsd	6.0	6.0.x
netbsd / netbsd	6.1.4	6.1.4.x
netbsd / netbsd	6.0.4	6.0.4.x
netbsd / netbsd	6.0.6	6.0.6.x
netbsd / netbsd	7.0	7.0.x
netbsd / netbsd	6.0.2	6.0.2.x
netbsd / netbsd	6.0.5	6.0.5.x
netbsd / netbsd	6.1.2	6.1.2.x
netbsd / netbsd	6.0.1	6.0.1.x
netbsd / netbsd	6.1.5	6.1.5.x
netbsd / netbsd	6.0.3	6.0.3.x
netbsd / netbsd	6.1	6.1.x