header-logo
Suggest Exploit
vendor:
Cafu
by:
Unknown
7.5
CVSS
HIGH
Remote NULL Pointer Dereference, Remote Client Format String
476, 134
CWE
Product Name: Cafu
Affected Version From: Cafu 9.06
Affected Version To: Cafu 9.06
Patch Exists: NO
Related CWE:
CPE: a:cafu:cafu:9.06
Metasploit:
Other Scripts:
Platforms Tested:
2021

Cafu Remote Vulnerabilities

The vulnerabilities in Cafu allow remote attackers to execute arbitrary code or crash the affected application, leading to a denial-of-service condition.

Mitigation:

Upgrade to a version later than Cafu 9.06.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/38897/info

Cafu is prone to a remote NULL pointer dereference vulnerability and a remote client format string vulnerability.

Successful exploits may allow an attacker to execute arbitrary code within the context of the affected application or crash the affected application, resulting in a denial-of-service condition.

Cafu 9.06 and prior are vulnerable; other versions may also be affected. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/33786.zip