Home

Description

AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability.

PUBLISHED Reserved 2026-03-06 | Published 2026-03-06 | Updated 2026-03-06 | Assigner VulnCheck




HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

Initialization of a Resource with an Insecure Default

Product status

2.7
affected

Credits

Ihsan Sencan finder

References

www.exploit-db.com/exploits/45850 (ExploitDB-45850) exploit

www.vulncheck.com/...service-via-malformed-socket-connection (VulnCheck Advisory: AMPPS 2.7 Denial of Service via Malformed Socket Connection) third-party-advisory

cve.org (CVE-2018-25169)

nvd.nist.gov (CVE-2018-25169)

Download JSON