Severity score: 7.5
CWE: CWE-476

CVE-2018-15504: Null Pointer Dereference

First published: Sat Aug 18 2018

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.

Credit: cve@mitre.org

Affected Software | Affected Version | How to fix
Mbedthis AppWeb HTTP server<7.0.2
Embedthis GoAhead Web Server<4.0.1
Junos OS Evolved=12.1x46
Junos OS Evolved=12.1x46-d10
Junos OS Evolved=12.1x46-d15
Junos OS Evolved=12.1x46-d20
Junos OS Evolved=12.1x46-d25
Junos OS Evolved=12.1x46-d30
Junos OS Evolved=12.1x46-d35
Junos OS Evolved=12.1x46-d40
Junos OS Evolved=12.1x46-d45
Junos OS Evolved=12.1x46-d50
Junos OS Evolved=12.1x46-d55
Junos OS Evolved=12.1x46-d60
Junos OS Evolved=12.1x46-d65
Junos OS Evolved=12.1x46-d66
Junos OS Evolved=12.1x46-d67
Junos OS Evolved=12.1x46-d70
Junos OS Evolved=12.1x46-d71
Junos OS Evolved=12.1x46-d72
Junos OS Evolved=12.1x46-d73
Junos OS Evolved=12.1x46-d76
Junos OS Evolved=12.1x46-d77
Junos OS Evolved=12.3x48
Junos OS Evolved=12.3x48-d10
Junos OS Evolved=12.3x48-d15
Junos OS Evolved=12.3x48-d20
Junos OS Evolved=12.3x48-d25
Junos OS Evolved=12.3x48-d30
Junos OS Evolved=12.3x48-d35
Junos OS Evolved=12.3x48-d40
Junos OS Evolved=12.3x48-d45
Junos OS Evolved=12.3x48-d50
Junos OS Evolved=12.3x48-d51
Junos OS Evolved=12.3x48-d55
Junos OS Evolved=12.3x48-d60
Junos OS Evolved=12.3x48-d65
Junos OS Evolved=12.3x48-d66
Junos OS Evolved=12.3x48-d70
Junos OS Evolved=12.3x48-d75
Junos OS Evolved=15.1x49
Junos OS Evolved=15.1x49-d10
Junos OS Evolved=15.1x49-d100
Junos OS Evolved=15.1x49-d110
Junos OS Evolved=15.1x49-d120
Junos OS Evolved=15.1x49-d130
Junos OS Evolved=15.1x49-d131
Junos OS Evolved=15.1x49-d140
Junos OS Evolved=15.1x49-d15
Junos OS Evolved=15.1x49-d150
Junos OS Evolved=15.1x49-d160
Junos OS Evolved=15.1x49-d170
Junos OS Evolved=15.1x49-d20
Junos OS Evolved=15.1x49-d25
Junos OS Evolved=15.1x49-d30
Junos OS Evolved=15.1x49-d35
Junos OS Evolved=15.1x49-d40
Junos OS Evolved=15.1x49-d45
Junos OS Evolved=15.1x49-d50
Junos OS Evolved=15.1x49-d55
Junos OS Evolved=15.1x49-d60
Junos OS Evolved=15.1x49-d65
Junos OS Evolved=15.1x49-d70
Junos OS Evolved=15.1x49-d75
Junos OS Evolved=15.1x49-d80
Junos OS Evolved=15.1x49-d90
Juniper SRX100
Juniper SRX110
Juniper SRX1400
Juniper SRX1500
Juniper SRX210
Juniper SRX220
Juniper SRX240
Juniper SRX240H2
Juniper SRX240M
Juniper SRX300
Juniper SRX320
Juniper SRX340
Juniper SRX3400
Juniper SRX345
Juniper SRX3600
Juniper SRX380
Juniper SRX4000
Juniper SRX4100
Juniper SRX4200
Juniper SRX4600
Junos OS SRX 5000 Series
Juniper SRX5400
Juniper SRX550
Juniper SRX5600
Juniper SRX5800
Juniper SRX650
Junos OS Evolved=12.3
Junos OS Evolved=12.3-r1
Junos OS Evolved=12.3-r10
Junos OS Evolved=12.3-r10-s1
Junos OS Evolved=12.3-r10-s2
Junos OS Evolved=12.3-r11
Junos OS Evolved=12.3-r12
Junos OS Evolved=12.3-r12-s1
Junos OS Evolved=12.3-r12-s10
Junos OS Evolved=12.3-r12-s11
Junos OS Evolved=12.3-r12-s12
Junos OS Evolved=12.3-r12-s3
Junos OS Evolved=12.3-r12-s4
Junos OS Evolved=12.3-r12-s6
Junos OS Evolved=12.3-r12-s8
Junos OS Evolved=12.3-r13
Junos OS Evolved=12.3-r2
Junos OS Evolved=12.3-r3
Junos OS Evolved=12.3-r4
Junos OS Evolved=12.3-r5
Junos OS Evolved=12.3-r6
Junos OS Evolved=12.3-r7
Junos OS Evolved=12.3-r8
Junos OS Evolved=12.3-r9
Juniper EX2200-C
Juniper EX2200
Juniper EX2300-24T
Juniper EX2300 Multigigabit
Juniper EX2300-24P
Juniper EX2300-24T
Juniper EX2300-48MP
Juniper EX2300-48P
Juniper EX2300-48T
Juniper EX2300-C
Juniper EX2300
Juniper EX3200
Juniper EX3300-VX
Juniper EX3400
Juniper EX Series
Juniper EX4200
Juniper EX4300-24T
Juniper EX4300-24P
Juniper EX4300
Juniper EX4300-24T-S
Juniper EX4300
Juniper EX4300-32F-S
Juniper EX4300
Juniper EX4300-32F-S
Juniper EX4300-48MP
Juniper EX4300-48MP-S
Juniper EX4300-48P
Juniper EX4300-48T-AFI
Juniper EX4300-48TAFI
Juniper EX4300-48TDC
Juniper EX4300-48TDC-AFI
Juniper EX4300-48T-S
Juniper EX4300
Juniper EX4300 Multigigabit
Juniper EX4300-48T-DC-AFI
Juniper EX4300
Juniper EX4400-24X
juniper ex4500-vc
Juniper EX4500
Juniper EX Series
Juniper EX4550
Juniper EX4600
Juniper EX4650
Juniper EX6200
Juniper EX Series
Juniper EX8200
Juniper EX8208
Juniper EX Series
Juniper EX9200
Juniper EX Series
Juniper EX9208
Juniper EX9214
Juniper EX9250
Juniper EX9251
Juniper EX9253
Junos OS Evolved=15.1
Junos OS Evolved=15.1-a1
Junos OS Evolved=15.1-f
Junos OS Evolved=15.1-f1
Junos OS Evolved=15.1-f2
Junos OS Evolved=15.1-f2-s1
Junos OS Evolved=15.1-f2-s2
Junos OS Evolved=15.1-f2-s3
Junos OS Evolved=15.1-f2-s4
Junos OS Evolved=15.1-f3
Junos OS Evolved=15.1-f4
Junos OS Evolved=15.1-f5
Junos OS Evolved=15.1-f5-s7
Junos OS Evolved=15.1-f6
Junos OS Evolved=15.1-f6-s1
Junos OS Evolved=15.1-f6-s10
Junos OS Evolved=15.1-f6-s12
Junos OS Evolved=15.1-f6-s2
Junos OS Evolved=15.1-f6-s3
Junos OS Evolved=15.1-f6-s4
Junos OS Evolved=15.1-f6-s5
Junos OS Evolved=15.1-f6-s6
Junos OS Evolved=15.1-f6-s7
Junos OS Evolved=15.1-f6-s8
Junos OS Evolved=15.1-f6-s9
Juniper MX Series
Juniper MX10
Juniper MX10000
Juniper MX10003
Juniper MX10008
Juniper MX10016
Juniper MX104
Juniper MX150
Juniper MX2008
Juniper MX2010
Juniper MX2020
Juniper MX204
Juniper MX240
Juniper MX40
Juniper MX480
Juniper MX5
Juniper MX80
Juniper MX960
Juniper PTX1000
Juniper PTX10000
Juniper PTX10001-36MR
Juniper PTX10016
Juniper PTX10002
Juniper PTX10003 80C
Juniper PTX10003
Juniper PTX10004
Juniper PTX10008
Juniper PTX10016
Juniper PTX3000
Juniper PTX Series
Juniper T1600
Juniper T320
Juniper T4000
Juniper T640
Junos OS Evolved=15.1x53
Junos OS Evolved=15.1x53-d10
Junos OS Evolved=15.1x53-d20
Junos OS Evolved=15.1x53-d21
Junos OS Evolved=15.1x53-d210
Junos OS Evolved=15.1x53-d230
Junos OS Evolved=15.1x53-d231
Junos OS Evolved=15.1x53-d232
Junos OS Evolved=15.1x53-d233
Junos OS Evolved=15.1x53-d234
Junos OS Evolved=15.1x53-d235
Junos OS Evolved=15.1x53-d236
Junos OS Evolved=15.1x53-d237
Junos OS Evolved=15.1x53-d25
Junos OS Evolved=15.1x53-d30
Junos OS Evolved=15.1x53-d31
Junos OS Evolved=15.1x53-d32
Junos OS Evolved=15.1x53-d33
Junos OS Evolved=15.1x53-d34
Junos OS Evolved=15.1x53-d40
Junos OS Evolved=15.1x53-d45
Junos OS Evolved=15.1x53-d47
Junos OS Evolved=15.1x53-d470
Junos OS Evolved=15.1x53-d471
Junos OS Evolved=15.1x53-d48
Junos OS Evolved=15.1x53-d490
Junos OS Evolved=15.1x53-d495
Junos OS Evolved=15.1x53-d50
Junos OS Evolved=15.1x53-d51
Junos OS Evolved=15.1x53-d52
Junos OS Evolved=15.1x53-d55
Junos OS Evolved=15.1x53-d56
Junos OS Evolved=15.1x53-d57
Junos OS Evolved=15.1x53-d58
Junos OS Evolved=15.1x53-d59
Junos OS Evolved=15.1x53-d590
Junos OS Evolved=15.1x53-d60
Junos OS Evolved=15.1x53-d61
Junos OS Evolved=15.1x53-d62
Junos OS Evolved=15.1x53-d63
Junos OS Evolved=15.1x53-d64
Junos OS Evolved=15.1x53-d65
Junos OS Evolved=15.1x53-d66
Junos OS Evolved=15.1x53-d67
Junos OS Evolved=15.1x53-d68
Junos OS Evolved=15.1x53-d70
Juniper Networks QFX-Series
Junos OS Evolved=15.1-f7
Junos OS Evolved=15.1-r
Junos OS Evolved=15.1-r1
Junos OS Evolved=15.1-r2
Junos OS Evolved=15.1-r3
Junos OS Evolved=15.1-r4
Junos OS Evolved=15.1-r4-s7
Junos OS Evolved=15.1-r4-s8
Junos OS Evolved=15.1-r4-s9
Junos OS Evolved=15.1-r5
Junos OS Evolved=15.1-r5-s1
Junos OS Evolved=15.1-r5-s3
Junos OS Evolved=15.1-r5-s5
Junos OS Evolved=15.1-r5-s6
Junos OS Evolved=15.1-r6
Junos OS Evolved=15.1-r6-s1
Junos OS Evolved=15.1-r6-s2
Junos OS Evolved=15.1-r6-s3
Junos OS Evolved=15.1-r6-s4
Junos OS Evolved=15.1-r6-s6
Junos OS Evolved=15.1-r7
Junos OS Evolved=15.1-r7-s1
Junos OS Evolved=15.1-r7-s10
Junos OS Evolved=15.1-r7-s11
Junos OS Evolved=15.1-r7-s12
Junos OS Evolved=15.1-r7-s2
Junos OS Evolved=15.1-r7-s3
Junos OS Evolved=16.1
Junos OS Evolved=16.1-r1
Junos OS Evolved=16.1-r2
Junos OS Evolved=16.1-r3
Junos OS Evolved=16.1-r3-s10
Junos OS Evolved=16.1-r3-s11
Junos OS Evolved=16.1-r3-s8
Junos OS Evolved=16.1-r4
Junos OS Evolved=16.1-r4-s12
Junos OS Evolved=16.1-r4-s2
Junos OS Evolved=16.1-r4-s3
Junos OS Evolved=16.1-r4-s4
Junos OS Evolved=16.1-r4-s6
Junos OS Evolved=16.1-r4-s8
Junos OS Evolved=16.1-r4-s9
Junos OS Evolved=16.1-r5
Junos OS Evolved=16.1-r5-s4
Junos OS Evolved=16.1-r6
Junos OS Evolved=16.1-r6-s1
Junos OS Evolved=16.1-r6-s3
Junos OS Evolved=16.1-r6-s4
Junos OS Evolved=16.1-r6-s6
Junos OS Evolved=16.1-r7
Junos OS Evolved=16.1-r7-s2
Junos OS Evolved=16.1-r7-s3
Junos OS Evolved=16.1-r7-s4
Junos OS Evolved=16.1-r7-s5
Junos OS Evolved=16.2
Junos OS Evolved=16.2-r1
Junos OS Evolved=16.2-r1-s6
Junos OS Evolved=16.2-r2
Junos OS Evolved=16.2-r2-s1
Junos OS Evolved=16.2-r2-s10
Junos OS Evolved=16.2-r2-s2
Junos OS Evolved=16.2-r2-s5
Junos OS Evolved=16.2-r2-s6
Junos OS Evolved=16.2-r2-s7
Junos OS Evolved=16.2-r2-s8
Junos OS Evolved=17.1
Junos OS Evolved=17.1-r1
Junos OS Evolved=17.1-r1-s7
Junos OS Evolved=17.1-r2
Junos OS Evolved=17.1-r2-s1
Junos OS Evolved=17.1-r2-s10
Junos OS Evolved=17.1-r2-s11
Junos OS Evolved=17.1-r2-s2
Junos OS Evolved=17.1-r2-s3
Junos OS Evolved=17.1-r2-s4
Junos OS Evolved=17.1-r2-s5
Junos OS Evolved=17.1-r2-s6
Junos OS Evolved=17.1-r2-s7
Junos OS Evolved=17.1-r2-s8
Junos OS Evolved=17.1-r2-s9
Junos OS Evolved=17.2-r2
Junos OS Evolved=17.2-r2-s4
Junos OS Evolved=17.2-r2-s6
Junos OS Evolved=17.2-r3
Junos OS Evolved=17.3
Junos OS Evolved=17.3-r1
Junos OS Evolved=17.3-r1-s1
Junos OS Evolved=17.3-r1-s4
Junos OS Evolved=17.3-r2
Junos OS Evolved=17.3-r2-s1
Junos OS Evolved=17.3-r2-s2
Junos OS Evolved=17.3-r2-s3
Junos OS Evolved=17.3-r2-s4
Junos OS Evolved=17.3-r3
Junos OS Evolved=17.3-r3-s1
Junos OS Evolved=17.3-r3-s2
Junos OS Evolved=17.3-r3-s3
Junos OS Evolved=17.3-r3-s4
Junos OS Evolved=17.4
Junos OS Evolved=17.4-r1
Junos OS Evolved=17.4-r1-s1
Junos OS Evolved=17.4-r1-s2
Junos OS Evolved=17.4-r1-s3
Junos OS Evolved=17.4-r1-s4
Junos OS Evolved=17.4-r1-s5
Junos OS Evolved=17.4-r1-s6
Junos OS Evolved=17.4-r2
Junos OS Evolved=17.4-r2-s1
Junos OS Evolved=17.4-r2-s2
Junos OS Evolved=17.4-r2-s3
Junos OS Evolved=17.4-r2-s4
Junos OS Evolved=17.4-r2-s5
Junos OS Evolved=18.1
Junos OS Evolved=18.1-r1
Junos OS Evolved=18.1-r2
Junos OS Evolved=18.1-r2-s1
Junos OS Evolved=18.1-r2-s2
Junos OS Evolved=18.1-r2-s4
Junos OS Evolved=18.1-r3
Junos OS Evolved=18.1-r3-s1
Junos OS Evolved=18.1-r3-s2
Junos OS Evolved=18.1-r3-s3
Junos OS Evolved=18.2
Junos OS Evolved=18.2-r1
Junos OS Evolved=18.2-r1-s2
Junos OS Evolved=18.2-r1-s3
Junos OS Evolved=18.2-r1-s4
Junos OS Evolved=18.2-r2
Junos OS Evolved=18.2-r2-s1
Junos OS Evolved=18.2-r2-s2
Junos OS Evolved=18.3
Junos OS Evolved=18.3-r1
Junos OS Evolved=18.3-r1-s1
Junos OS Evolved=18.3-r1-s2
Junos OS Evolved=18.4
Junos OS Evolved=18.4-r1
Junos OS Evolved=18.4-r1-s1
Junos OS Evolved=18.4-r1-s2

Frequently Asked Questions

  • What is the severity of CVE-2018-15504?

    CVE-2018-15504 has a moderate severity rating due to the potential for a NULL pointer dereference leading to application crashes.

  • How do I fix CVE-2018-15504?

    To fix CVE-2018-15504, upgrade Embedthis GoAhead to version 4.0.1 or later, and Embedthis Appweb to version 7.0.2 or later.

  • Which software versions are affected by CVE-2018-15504?

    CVE-2018-15504 affects Embedthis GoAhead versions prior to 4.0.1 and Embedthis Appweb versions prior to 7.0.2.

  • Is Juniper JUNOS affected by CVE-2018-15504?

    Yes, specific versions of Juniper JUNOS are affected by CVE-2018-15504, particularly those associated with the impacted Embedthis products.

  • What types of attacks can CVE-2018-15504 facilitate?

    CVE-2018-15504 can facilitate denial of service (DoS) attacks due to intentional triggering of NULL pointer dereferences.

© 2025 SecAlerts Pty Ltd.