379 matches found
The vulnerability of the httpd daemon in the microprogramming software of TP-Link’s TL-WR940N router allows a hacker to execute arbitrary code.
The vulnerability of the httpd daemon in the microprogramming-based router software from TP-Link, the TL-WR940N, is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code...
CVE-2021-4030
A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts...
CVE-2021-4030
A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts...
CVE-2021-4030
A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts...
CVE-2021-4030
CVE-2021-4030 describes a cross-site request forgery in the HTTP daemon of Zyxel ARMOR Z1/Z2 firmware. By tricking a local user into visiting a malicious site, an attacker could coerce the user to execute arbitrary commands on the device via the compromised HTTP daemon. The provided documents con...
FortiWeb - Incorrect handling of large requests leads to denial of service
An uncontrolled resource consumption vulnerability CWE-400 in FortiWeb may allow an unauthenticated attacker to cause a Denial of Service to the FortiWeb's HTTP daemon via sending a large amount of crafted HTTP requests...
ZTE MF971R HTTP_HOST CRLF Injection vulnerability
Summary An exploitable CRLF injection vulnerability exists in ZTE MF971R LTE router version wainnerversion:BDPLKPLMF971R1V1.0.0B06. A specially-crafted HTTP request can cause a CRLF injection. An attacker needs to provide a URL to the victim to trigger the vulnerability. Tested Versions ZTE...
Artica Proxy VMWare Appliance 4.30.000000 SP273 Path Traversal Vulnerability
Product: Artica Proxy VMWare Appliance Vendor/Manufacturer: ArticaTech https://www.articatech.com Affected Versions: 4.30.000000 =SP273 Tested Versions: 4.30.000000 SP273 Vulnerability Type: Relative path traversal CWE-23, Improper Limitation of a Pathname to a restricted Directory CWE-22, CWE 35...
CVE-2020-27715
On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon...
ASUS RT-AX86U suffers from a buffer overflow vulnerability
The ASUS RT-AX86U is a wireless router. A buffer overflow vulnerability exists in the ASUS RT-AX86U. The vulnerability stems from the RT-AX86U failing to limit the length of parameters when handling the Blockingrequest service in the httpd service, which can be exploited by an attacker to cause a...
Buffer overflow vulnerability in multiple Tenda products (CNVD-2020-31387)
The Tenda AC9, among others, is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in httpd in multiple Tenda products. The vulnerability can be exploited to execute arbitrary code by sending the 'entrys' and 'mitInterface' parameters to the /goform/addressNa...
Juplink Intelligent Technologies RX4-1500 Unauthorized Operation Vulnerability
The Juplink Intelligent Technologies RX4-1500 is a wireless router from Juplink Intelligent Technologies. A security vulnerability exists in httpd in the Juplink Intelligent Technologies RX4-1500 versions v1.0.3 through v1.0.5. A remote attacker could use this vulnerability to modify or access...
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication...
CVE-2013-2183
Monkey HTTP Daemon has local security bypass...
CVE-2013-2183
Monkey HTTP Daemon has local security bypass...
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication...
Security feature bypass
Monkey HTTP Daemon has local security bypass...
CVE-2013-2183
Monkey HTTP Daemon has local security bypass...
CVE-2013-2183
Technical details about CVE-2013-2183 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.