Unrated severityNVD Advisory· Published Jun 4, 2007· Updated Apr 23, 2026

CVE-2007-3008

Description

Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing (XST) attacks, a related issue to CVE-2004-2320 and CVE-2005-3398.

Affected products

Mbedthis Software/Mbedthis Appweb HTTP Server10 versions
cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.0.0:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mbedthis_software:mbedthis_appweb_http_server:2.2.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000