cbcvebase.
CVE-2007-2506
published 2007-05-04

CVE-2007-2506: WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service…

PriorityP433high7.8CVSS 2.0
AVNACLAuNCNINAC
EXPLOIT
EPSS
3.97%
89.2th percentile
WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or wsisa.dll with WService=wsbroker1/_edit.r in the PATH_INFO.

Affected

5 ranges
VendorProductVersion rangeFixed in
progressprogress
progresswebspeed
progresswebspeed
progresswebspeed
progresswebspeed
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.