Lucene search
K

509 matches found

Vulnrichment
Vulnrichment
added 2026/03/15 1:32 p.m.2 views

CVE-2026-4180 D-Link DIR-816 goahead redirect.asp access control

A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument tokenid leads to improper access controls. The attack may be initiated remotely. The exploit is publicly...

7.5CVSS5.5AI score0.01357EPSS
Exploits1References5
CVE
CVE
added 2026/03/15 1:32 p.m.11 views

CVE-2026-4180

CVE-2026-4180 affects D-Link DIR-816 with firmware 1.10CNB05. The vulnerable component is the goahead-based file redirect.asp; manipulating the token_id parameter yields improper access controls. The attack can be launched remotely and an exploit is publicly available. This vulnerability impacts ...

9.8CVSS6.8AI score0.01357EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/15 1:32 p.m.44 views

CVE-2026-4180 D-Link DIR-816 goahead redirect.asp access control

A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument tokenid leads to improper access controls. The attack may be initiated remotely. The exploit is publicly...

7.5CVSS0.01357EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/15 12:0 a.m.5 views

PT-2026-25554

A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token id leads to improper access controls. The attack may be initiated remotely. The exploit is publicly...

7.5CVSS5.5AI score0.01357EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/03/15 12:0 a.m.12 views

PT-2026-25556

D-Link DIR-816 goahead form2Wl5RepeaterStep2.cgi stack-based overflow CVE: CVE-2026-4182 PT-Identifier: PT-2026-25556 Vendor: D-link Product: DIR-816 CVSS: 9.3 Credits: pjqwudi VulDB User Description: A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of...

10CVSS7.8AI score0.01077EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 11:39 a.m.10 views

CVE-2003-1568

GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an invalid URL, related to the websSafeUrl function...

5CVSS7AI score0.01635EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.9 views

CVE-2003-1569

GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service daemon crash via an HTTP request with a 1 con, 2 nul, 3 clock$, or 4 config$ device name in a path component, different vectors than CVE-2001-0385...

5CVSS7AI score0.0839EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.10 views

CVE-2019-16645

An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages such as goform/login and config/logoffpage.htm create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack...

8.6CVSS6.9AI score0.08183EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.5 views

CVE-2019-12822

In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself...

7.5CVSS6.9AI score0.08848EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/30 1:2 a.m.16 views

CVE-2025-68706

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attack...

9.8CVSS7.8AI score0.04193EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/29 9:30 p.m.5 views

EUVD-2025-205631

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attack...

7.6AI score0.04193EPSS
Exploits0References5
OSV
OSV
added 2025/12/29 7:15 p.m.5 views

CVE-2025-68706

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attack...

9.8CVSS6.4AI score0.04193EPSS
Exploits0References4
NVD
NVD
added 2025/12/29 7:15 p.m.5 views

CVE-2025-68706

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attack...

9.8CVSS0.04193EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.6 views

PT-2025-53779

Name of the Vulnerable Software and Affected Versions GoAhead-Webs on KuWFi 4G LTE AC900 version 1.0.13 Description A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon. The /goform/formMultiApnSetting handler uses sprintf to copy the pincode parameter, supplied by the user, into ...

8AI score0.04193EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/12/29 12:0 a.m.3 views

CVE-2025-68706

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attack...

7.8AI score0.04193EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/29 12:0 a.m.23 views

CVE-2025-68706

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attack...

0.04193EPSS
Exploits0References4
CVE
CVE
added 2025/12/29 12:0 a.m.16 views

CVE-2025-68706

CVE-2025-68706 affects KuWFi 4G LTE AC900 devices running firmware 1.0.13, in the GoAhead-Webs HTTP daemon. The vulnerability is in the /goform/formMultiApnSetting handler, which copies the user-provided pincode into a fixed 132-byte stack buffer using sprintf() without bounds checking. This stac...

9.8CVSS7.8AI score0.04193EPSS
Exploits0References4Affected Software1
The Hacker News
The Hacker News
added 2025/11/07 4:7 p.m.27 views

From Log4j to IIS, China's Hackers Turn Legacy Bugs into Global Espionage Tools

A China-linked threat actor has been attributed to a cyber attack targeting an U.S. non-profit organization with an aim to establish long-term persistence, as part of broader activity aimed at U.S. entities that are linked to or involved in policy issues. The organization, according to a report...

10CVSS9AI score0.99999EPSS
Exploits496
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2003-1559

Malware in sbrugna...

5CVSS6.4AI score0.01118EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-0634

Malware in sbrugna...

5CVSS6.4AI score0.0521EPSS
Exploits1References3
Rows per page
Query Builder