ByteOS Network

AMPPS

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2018-25169

Assigner-VulnCheck

View Details

Assigner-VulnCheck

CVSS Score-8.7||HIGH

EPSS-0.15% / 35.64%

7 Day CHG~0.00%

Published-06 Mar, 2026 | 12:19

Updated-09 Mar, 2026 | 19:04

AMPPS 2.7 Denial of Service via Malformed Socket Connection

AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability.

Vendor-Ampps

Product-AMPPS

CWE ID-CWE-1188

Initialization of a Resource with an Insecure Default

CVE-2024-1189

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-5.3||MEDIUM

EPSS-0.06% / 18.56%

7 Day CHG~0.00%

Published-02 Feb, 2024 | 18:31

Updated-09 May, 2025 | 17:38

AMPPS Encryption Passphrase denial of service

A vulnerability has been found in AMPPS 2.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Encryption Passphrase Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252679. NOTE: The vendor explains that AMPPS 4.0 is a complete overhaul and the code was re-written.

Vendor-softaculous n/a

Product-ampps AMPPS

CWE ID-CWE-404

Improper Resource Shutdown or Release