PT-2023-30103 · Weborf+1 · Weborf+1

Ltworf · Published 2023-10-25 · Updated 2024-10-11 · CVE-2023-46586

CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Weborf versions 0.17 through 0.20
Itworf versions prior to #88

Description

The issue is a null-termination flaw in the cgi.c file of Weborf: the path for CGI scripts is not '\0'-terminated because strncpy is misused. The vulnerability could be exploited, posing a risk to users. Users are urged to update to the latest version to mitigate potential threats.

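The strncpy pitfall named in the description, as an added example (not Weborf's cgi.c code, which this page does not show): strncpy() writes no '\0' when the source is at least as long as the size argument, so the destination is not a valid C string. BUF_LEN, the function names and the sample paths are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16 /* constructed size for the demo, not Weborf's */

/* Returns 1 if a '\0' exists within the first n bytes of buf. */
static int is_terminated(const char *buf, size_t n) {
    return memchr(buf, '\0', n) != NULL;
}

/* Flawed pattern: strncpy() writes no terminator when strlen(src) >= n.
 * Returns 1 if the resulting buffer is a valid C string, 0 otherwise. */
int unsafe_copy_is_terminated(const char *src) {
    char buf[BUF_LEN];
    memset(buf, 'X', sizeof buf); /* stand-in for stale stack contents */
    strncpy(buf, src, sizeof buf);
    return is_terminated(buf, sizeof buf);
}

/* Hardened copy: refuse paths that do not fit (silently truncating a
 * script path is also unsafe) and always write the terminator.
 * Returns 0 on success, -1 if src does not fit in n bytes. */
int copy_path_checked(char *dst, size_t n, const char *src) {
    size_t len = strlen(src);
    if (n == 0 || len >= n)
        return -1;
    memcpy(dst, src, len + 1); /* len + 1 copies the '\0' as well */
    return 0;
}

int main(void) {
    char buf[BUF_LEN];
    const char *fits = "/cgi-bin/a.cgi";          /* 14 chars, constructed */
    const char *too_long = "/cgi-bin/report.cgi"; /* 19 chars, constructed */

    printf("strncpy, short path terminated: %d\n", unsafe_copy_is_terminated(fits));
    printf("strncpy, long path terminated:  %d\n", unsafe_copy_is_terminated(too_long));
    printf("checked copy, short path: %d\n", copy_path_checked(buf, sizeof buf, fits));
    printf("checked copy, long path:  %d\n", copy_path_checked(buf, sizeof buf, too_long));
    return 0;
}
```

A source of exactly BUF_LEN characters is the edge case to test for: nothing is written past the buffer, yet the result is still unterminated.
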
Recommendations

For Weborf versions 0.17 through 0.20, update to version 1.0 or later to resolve the issue. For Itworf versions prior to #88, update to the latest version to mitigate risks. As a temporary workaround, consider restricting access to CGI scripts until a patch is available.

Fix

Weakness Enumeration: Buffer Overflow

Related Identifiers: CVE-2023-46586

Affected Products: Itworf, Weborf