Improper input validation in Atvise Webmi2ads

CVE-2011-4883

The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service (resource consumption) via a crafted request.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.121 (93.9th percentile) — read the EPSS interpretation.

Affected products

Atvise Webmi2ads — versions 1.0, 2.0
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

cret@cert.org (US Government Resource, x_refsource_MISC)