Vulnerability in Smallsrv Small Http

CVE-2025-41359

Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files (x86)\shttps_mg\http.exe service'. This misconfiguration allows a local attacker to place a…

EPSS: 0.000 (1.0th percentile) — read the EPSS interpretation.

Affected products

Smallsrv Small Http — versions 3.06.36

Weakness classification (CWE)

CWE-428 — Unquoted Search Path or Element

References

www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-small-http-… (patch)