RHEL 7 : perl-http-daemon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perl-HTTP-Daemon: HTTP::Daemon allows request smuggling CVE-2022-31081 Note that Nessus has not tested for this iss...

The vulnerability of the formSetCfm() function in the httpd daemon of the microprogramming software for wireless access points from Tenda W6, which allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetCfm function in the httpd daemon of the microprogrammed wireless access points of Tenda W6 is related to the operation that goes beyond the buffer in memory when processing the funcpara1 parameter. Exploiting this vulnerability could allow an attacker to compromise...

Vulnerability of the formWifiMacFilterGet() function in the httpd daemon of the wireless access point Tenda i6 software, which allows a intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the formWifiMacFilterGet function in the httpd daemon of the microprogrammed wireless access points from Tenda i6 is related to the operation that goes beyond the buffer in memory when processing the index parameter. Exploiting this vulnerability could allow an attacker to...

The vulnerability of the formSetAutoPing() function in the httpd daemon of the microprogrammed wireless access points of Tenda i6 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetAutoPing function in the httpd daemon of the microprogrammed wireless access points of Tenda i6 is related to the operation that goes beyond the buffer in memory when processing the parameter ping1. Exploiting this vulnerability can allow an attacker to compromise...

PT-2024-1313 · Tenda · Tenda I6

Name of the Vulnerable Software and Affected Versions: Tenda i6 version 1.0.0.93857 Description: A critical issue affects the formwrlSSIDset function of the httpd component, specifically in the /goform/wifiSSIDset file. The manipulation of the index argument leads to a stack-based buffer overflow...

Amazon Linux 2 : perl-HTTP-Daemon (ALAS-2024-2405)

The version of perl-HTTP-Daemon installed on the remote host is prior to 6.01-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2405 advisory. HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which cou...

Low: perl-HTTP-Daemon

Issue Overview: HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based...

The vulnerability of the httpd-demon software of D-Link G416 router microprogramming system allows a hacker to bypass security restrictions.

The vulnerability of the httpd-daemon of D-Link G416 microprogrammed router software is related to the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to bypass security restrictions remotely...

CVE-2023-49007

In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd...

TOTOLINK X6000R Security Breach

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X6000R version V9.4.0cu.852B20230719, which originates from the sub417338 function of the shttpd file that obtains fields from the front-end, connects them via the snprintf...

The vulnerability of the httpd next_page function in the microprogramming software of industrial Wi-Fi routers Yifan YF325 allows a hacker to execute arbitrary commands.

The vulnerability of the httpd nextpage function in the microprogramming-based industrial Wi-Fi routers Yifan YF325 relates to reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the httpd microprogramming system in Wi-Fi routers from NETGEAR R6400v2 allows a intruder to execute arbitrary code.

The vulnerability of the httpd microprogramming system in NETGEAR R6400v2 Wi-Fi routers lies in the fact that the execution of operations goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created malicious web page...

CVE-2023-34358

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition...

Amazon Linux 2023 : perl-HTTP-Daemon, perl-HTTP-Daemon-tests (ALAS2023-2023-247)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-247 advisory. HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison...

Low: perl-HTTP-Daemon

Issue Overview: HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based...

Fedora: Security Advisory for perl-HTTP-Daemon (FEDORA-2023-748e811334)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 38 Update: perl-HTTP-Daemon-6.16-1.fc38

Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. The HTTP::Daemon is a subclass of IO::Socket::IP, so you can perform socket operations directly on it too...

Fedora 38 : perl-HTTP-Daemon (2023-748e811334)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-748e811334 advisory. 6.16 2023-02-24 03:07:14Z - Bump LWP::UserAgent to 6.37 in TestSuggests GH65 Olaf Alders ---- 6.15 2023-02-22 22:02:46Z - Fix CVE-2022-31081: Inconsistent...

[SECURITY] Fedora 37 Update: perl-HTTP-Daemon-6.16-1.fc37

Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. The HTTP::Daemon is a subclass of IO::Socket::IP, so you can perform socket operations directly on it too...

[SECURITY] Fedora 36 Update: perl-HTTP-Daemon-6.16-1.fc36

Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. The HTTP::Daemon is a subclass of IO::Socket::IP, so you can perform socket operations directly on it too...