Vulnerability within the LightTPD component


Subscribe to our blog


Dear Valued Customer,

a vulnerability was identified within the LightTPD component version 1.4.49 of the OpenLM Server on version 5.6 and below. You can find more details about the vulnerability on the Tenable portal:

The immediate resolution to this vulnerability is to upgrade to OpenLM Server version 21, which is built on a different platform (Kestrel), does not contain the above mentioned issue, and overall improves the security of OpenLM products. You can find more details about the upgrade on OpenLM Website:

The alternative to the above for OpenLM version 5.6 and below is to utilize the option of using Microsoft’s IIS instead of the LightTPD built-in within OpenLM Server. You can find more details about using OpenLM with IIS on OpenLM Website:

The OpenLM Team takes security very seriously. In case you have any further questions, please kindly approach our Support department at

Thank you,

Branislav Potoček,
VP Support & Services

Skip to content