### [CVE-2011-0751](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0751)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI.

### POC

#### Reference
- http://securityreason.com/securityalert/8140
- http://www.redteam-pentesting.de/advisories/rt-sa-2011-001

#### Github
- https://github.com/20142995/Goby
- https://github.com/ARPSyndicate/cvemon
- https://github.com/HimmelAward/Goby_POC
- https://github.com/NHPT/CVE-2019-16278
- https://github.com/Z0fhack/Goby_POC
- https://github.com/jas502n/CVE-2019-16278