Unrated severityNVD Advisory· Published Jan 28, 2005· Updated Apr 16, 2026

CVE-2005-0316

Description

WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions.

Affected products

Webwasher/Webwasher Classic2 versions
cpe:2.3:a:webwasher:webwasher_classic:2.2.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:webwasher:webwasher_classic:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:webwasher:webwasher_classic:3.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/14058nvdPatchVendor Advisory
www.securityfocus.com/bid/12394nvdPatchVendor Advisory
www.oliverkarow.de/research/WebWasherCONNECT.txtnvdExploitVendor Advisory
marc.infonvd
securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/19144nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.011
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000