CVE-2025-41368 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Problem in the Small HTTP Server v3.06.36 service. An authenticated path traversal vulnerability in '/' allows remote users to bypass the intended restrictions…
High CVSS: 8.7

CVE-2025-41368

Problem in the Small HTTP Server v3.06.36 service. An authenticated path traversal vulnerability in '/' allows remote users to bypass the intended restrictions of SecurityManager and display any file if they have the appropriate permissions outside the document root configured on the server.
Vendor
Smallsrv
Product
Small Http Server
CWE
CWE-22
Yayın Tarihi
2026-03-26 12:16:08
Güncelleme
2026-03-26 21:07:45
Source Identifier
cve-coordination@incibe.es
KEV Date Added
-

Kategoriler

CWE-22 Small Http Server HIGH Smallsrv 2026

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-small-http-server-smallsrv