CVE-2025-13826

Published: Apr 21, 2026

Modified: Apr 21, 2026

PUBLISHED

Description

Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a configuration reset request is made. The vulnerability is caused by inadequate validation of user-supplied input. An attacker can exploit this vulnerability by sending malicious requests. If the vulnerability is successfully exploited, the application can be made to stop responding, resulting in a DoS condition. It is possible to manually restart the application.

Vendor	Product	Versions
Zervit	portable HTTP/Web server	affected `0`

Weaknesses (CWE)

CWE-20

References

https://www.incibe.es/en/incibe-cert/notices/aviso/incorrect-input-validation-zervit-portable-httpweb-server

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-13826

Description

Affected Products

Weaknesses (CWE)

References