Multiple high-severity flaws have been uncovered in the open source OpenLiteSpeed Web Server as well as its enterprise variant that could be weaponized to achieve remote code execution.
“By chaining and exploiting the vulnerabilities, adversaries could compromise the web server and gain fully privileged remote code execution,” Palo Alto Networks Unit 42 said in a Thursday report.