What's new

lighttpd 1.4.39 vulnerabilities

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Sparrow

New Around Here
Last edited:
I did it on AX56U, 386.2 beta1, no risks.
IMG_20210313_112948.png
 
Last edited:
Is it possible to update it in upcoming Merlin releases?
No, portions of AiCloud are closed source and outside of my control.

Note that you should never blindly rely on such test tools. They generally don't test anything, and just make assumptions based on a reported software version, without being able to tell if a specific server is actually vulnerable or not. Features can be enabled/disabled, fixes can be backported. And in this particular case, 1.4.39 isn't even vulnerable to CVE-2019-11072... And I can tell that the other CVE cannot be exploited in AiCloud either.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top