Lucene search
K

4 matches found

OSV
OSV
added 2025/12/05 11:15 a.m.6 views

AZL-71590 CVE-2025-66200 affecting package httpd for versions less than 2.4.66-1

moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...

5.4CVSS6AI score0.00591EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/11/26 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-10915

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. T...

9.8CVSS6.4AI score0.79135EPSS
In wildExploits2References4
GithubExploit
GithubExploit
added 2024/11/27 11:10 p.m.297 views

Exploit for Improper Neutralization in Dlink Dns-320_Firmware

CVE-2024-10914 - D-Link Remote Code Execution RCE This repo...

9.8CVSS8.6AI score0.97432EPSS
Exploits11
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.5 views

The vulnerability of the cgi_user_add function in the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add of D-Link routers such as DNS-320, DNS-320LW, DNS-325, and DNS-340L allows a hacker to execute arbitrary code.

The vulnerability of the cgiuseradd function in the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd of D-Link routers such as DNS-320, DNS-320LW, DNS-325, and DNS-340L lies in the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute...

10CVSS8.1AI score0.79135EPSS
Exploits2References6Affected Software4
Rows per page
Query Builder