The open source OpenLiteSpeed Web Server has three vulnerabilities that have been investigated and found by the Unit 42 research team. The enterprise edition of LiteSpeed Web Server is likewise vulnerable. Adversaries could take control of the web server and acquire complete privileged remote code execution by connecting and exploiting the vulnerabilities.
On October 4, 2022, Unit 42 responsibly informed LiteSpeed Technologies of the vulnerabilities and offered a solution. On October 18, 2022, LiteSpeed Technologies quickly released a fix version (v188.8.131.52) to address the discovered vulnerabilities.