Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
15 April 2024
A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal.
While the original shortcoming was discovered and patched by the Lighttpd maintainers way back in August 2018 with version 1.4.51, the lack of a CVE identifier or an advisory meant that