Vulnerability Details
Basic Information
| Title | CVE-2025-46816 |
|---|---|
| Type | cve |
| Published | 2025-05-06T19:16:00 |
| Last Seen | 2025-05-06T19:22:46 |
| CVSS Score | 9.4 (CRITICAL) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | LOW |
CVE Information
| CVE IDs | CVE-2025-46816 |
|---|---|
| CWE | CWE-77, CWE-284 |
| Bulletin Family | cve |
Description
goshs is a SimpleHTTPServer written in Go. Starting in version 0.3.4 and prior to version 1.0.5, running goshs without arguments makes it possible for anyone to execute commands on the server. The function dispatchReadPump does not checks the option…
Impact Assessment
| Base Score | 9.4 |
|---|---|
| Severity | CRITICAL |