Known Vulnerabilities for Goahead by Embedthis
Listed below are 10 of the newest known vulnerabilities associated with "Goahead" by "Embedthis".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-36356 json | The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthenticated O... | Not Provided | 2026-05-05 | 2026-05-05 |
| CVE-2021-43298 json | The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has n... | 9.8 - CRITICAL | 2022-01-25 | 2022-02-01 |
| CVE-2021-42342 json | An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to ... | 9.8 - CRITICAL | 2021-10-14 | 2021-10-20 |
| CVE-2021-41615 json | websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded once... | 9.8 - CRITICAL | 2022-08-08 | 2022-08-12 |
| CVE-2020-15688 json | The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. Thi... | 8.8 - HIGH | 2020-07-23 | 2023-01-31 |
| CVE-2019-19240 json | Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a ... | 5.3 - MEDIUM | 2019-11-22 | 2020-08-24 |
| CVE-2019-16645 json | An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) create l... | 8.6 - HIGH | 2019-09-20 | 2020-08-24 |
| CVE-2019-12822 json | In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, o... | 7.5 - HIGH | 2019-06-14 | 2021-07-21 |
| CVE-2019-5097 json | A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server ap... | 7.5 - HIGH | 2019-12-03 | 2022-06-17 |
| CVE-2019-5096 json | An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead... | 9.8 - CRITICAL | 2019-12-03 | 2022-06-17 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Embedthis | Goahead | 5.1.2 | |||
| Application | Embedthis | Goahead | 5.1.0 | |||
| Application | Embedthis | Goahead | 5.0.1 | |||
| Application | Embedthis | Goahead | 5.0.0 | |||
| Application | Embedthis | Goahead | 4.1.2 | |||
| Application | Embedthis | Goahead | 4.1.1 | |||
| Application | Embedthis | Goahead | 4.1.0 | |||
| Application | Embedthis | Goahead | 4.0.2 | |||
| Application | Embedthis | Goahead | 4.0.1 | |||
| Application | Embedthis | Goahead | 4.0.0 | |||
| Application | Embedthis | Goahead | 3.6.5 | |||
| Application | Embedthis | Goahead | 3.6.4 | |||
| Application | Embedthis | Goahead | 3.6.3 | |||
| Application | Embedthis | Goahead | 3.6.2 | |||
| Application | Embedthis | Goahead | 3.6.1 | |||
| Application | Embedthis | Goahead | 3.6.0 | |||
| Application | Embedthis | Goahead | 3.5.0 | |||
| Application | Embedthis | Goahead | 3.4.9 | |||
| Application | Embedthis | Goahead | 3.4.8 | |||
| Application | Embedthis | Goahead | 3.4.7 |