CVE-2019-18850

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-18850

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-18850.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-18850

Published

2019-12-04T13:15:10.973Z

Modified

2025-11-14T09:24:43.612134Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

TrevorC2 v1.1/v1.2 fails to prevent fingerprinting primarily via a discrepancy between response headers when responding to different HTTP methods, also via predictible responses when accessing and interacting with the "SITEPATHQUERY".

References

Affected packages

Git / github.com/trustedsec/trevorc2

Affected ranges

Type: GIT
Repo: https://github.com/trustedsec/trevorc2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

1fe15cd707fa05bd558d6bb5b6c489d483179ace

Last affected

9769f5d18c47e12ecae51ead3790df991d2d97de

Affected versions

0.*

0.2

0.3

0.3.1

0.4

0.5

0.6

0.7

0.8

0.9

1.*

1.0

1.1

1.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-18850.json"