CVE-2025-40907 | ETHER FCGI up to 0.82 on Perl fcgiapp.c ReadParams nameLen/valueLen vulnerable third-party component

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability was found in ETHER FCGI up to 0.82 on Perl and classified as problematic. Affected by this issue is the function ReadParams of the file fcgiapp.c. The manipulation of the argument nameLen/valueLen leads to dependency on vulnerable third-party component.

This vulnerability is handled as CVE-2025-40907. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-40907 | ETHER FCGI up to 0.82 on Perl fcgiapp.c ReadParams nameLen/valueLen vulnerable third-party component

Post correlati

CVE-2024-51381 | JATOS 3.9.3 cross-site request forgery

CVE-2024-40507 | openPetra 2023.02 serverMPersonnel.asmx cross site scripting

CVE-2024-6233 | Check Point ZoneAlarm Extreme Security prior 4.2.712 link following (ZDI-24-1036)

CVE-2024-57036 | TOTOLINK A810R 4.1.2cu.5032 HTTP Request downloadFile.cgi command injection