cbcvebase.
CVE-2014-9707
published 2015-03-31

CVE-2014-9707: EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote attackers to conduct directory…

PriorityP357high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
28.42%
97.9th percentile
EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote attackers to conduct directory traversal attacks, cause a denial of service (heap-based buffer overflow and crash), or possibly execute arbitrary code via a crafted URI.

Affected

8 ranges
VendorProductVersion rangeFixed in
embedthisgoahead
embedthisgoahead
embedthisgoahead
embedthisgoahead
embedthisgoahead
embedthisgoahead
embedthisgoahead
embedthisgoahead

Detection & IOCsextracted from sources · hover to see the quote

versionEmbedThis GoAhead 3.0.0 through 3.4.1
  • Look for HTTP requests containing path segments starting with a dot (.) in the URI, indicative of directory traversal attempts against GoAhead web servers.
  • Monitor for directory traversal patterns in URIs targeting GoAhead 3.x servers that may result in heap-based buffer overflow or crash (DoS) in addition to file read.
  • The Metasploit auxiliary module goahead_traversal targets GoAhead 3.4.1 specifically for arbitrary file read via directory traversal; presence of this module's traffic patterns (scanner HTTP requests with traversal sequences) should be flagged.
  • ·Vulnerability affects only GoAhead versions 3.0.0 through 3.4.1; versions outside this range are not affected by this specific flaw.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.