CVE-2018-8715
published 2018-03-15CVE-2018-8715: The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP…
PriorityP266high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
EXPLOIT
EPSS
19.85%
97.1th percentile
The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| embedthis | appweb | <= 7.0.2 | — |
| paloalto | pan-os | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Send a GET request to the target root path with a forged Authorization header containing only 'Digest username=admin' (no password/hash). A 200 OK response with a non-empty body indicates successful authentication bypass. ↗
- →The vulnerability is triggered by a forged HTTP request targeting the authCondition function; affects form and digest login types in Appweb before 7.0.3. ↗
- ·The Nuclei template targets the root path '/' with a single GET request; detection relies on HTTP 200 status AND a non-empty body (space character match), which may produce false positives on unauthenticated pages. ↗
- ·PAN-OS impact is described as denial of service only (NULL dereference crash of management service), NOT authentication bypass — the CVE manifests differently on PAN-OS vs. native Appweb deployments. ↗
- ·Global Protect is explicitly NOT affected by this CVE on PAN-OS platforms. ↗
CVSS provenance
nvdv3.08.1HIGHCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jxh6-wcr3-pf67: The Embedthis HTTP library, and Appweb versions before 7
ghsa_unreviewed·2022-05-13
CVE-2018-8715 [HIGH] CWE-287 GHSA-jxh6-wcr3-pf67: The Embedthis HTTP library, and Appweb versions before 7
The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
Palo Alto
Denial of Service in PAN-OS Management Web Interface
vendor_paloalto·2018-07-20·CVSS 8.1
CVE-2018-8715 [HIGH] CWE-287 Denial of Service in PAN-OS Management Web Interface
Denial of Service in PAN-OS Management Web Interface
Palo Alto Networks makes use of a 3rd-party component impacted by CVE-2018-8715. This issue has been confirmed to present a risk for denial of service to the PAN-OS Management Web Interface. (Ref # PAN-93089, CVE-2018-8715)
A specially crafted HTTP POST request with an invalid “If-modified" header field may cause a NULL dereference and cause a denial of service condition. This vulnerability can be triggered without login or authentication and could result in a crash of the management service.
This issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.0. Global Protect is NOT affected.
Affected products: PAN-OS
Solution: PAN-OS 6.1.21 and later, PAN-OS 7.1.17 and later, PAN-OS 8.0.
No detection rules found.
Nuclei
AppWeb - Authentication Bypass
nuclei·CVSS 8.1
CVE-2018-8715 [HIGH] AppWeb - Authentication Bypass
AppWeb - Authentication Bypass
The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
Template:
id: CVE-2018-8715
info:
name: AppWeb - Authentication Bypass
author: milo2012
severity: high
description: The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
impact: |
Successful exploitation of this vulnerability could allow an attacker to bypass authentication and gain unauthorized access to the application.
remediation
2018-03-15
Published