190 matches found
CVE-2025-5146
A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. This vulnerability affects the function passwdset of the file /usr/bin/routerd of the component HTTP Header Handler. The manipulation of the...
CVE-2025-5183
A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as problematic. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument Host leads to open redirect. The attack may be initiated...
CVE-2025-5184
A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP Response Header Handler. The manipulation leads to information disclosure. It is possible to launch the...
CVE-2025-5183
Summary: Summer Pearl Group Vacation Rental Management Platform (up to v1.0.1) has an open redirect caused by manipulation of the Host argument in the Header Handler. This may enable remote abuse to redirect users to arbitrary URLs. Exploit details are not provided in the connected documents. Rem...
CVE-2025-5183 Summer Pearl Group Vacation Rental Management Platform Header redirect
A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as problematic. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument Host leads to open redirect. The attack may be initiated...
CVE-2025-5146 Netcore NBR200V2 HTTP Header routerd passwd_set command injection
A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. This vulnerability affects the function passwdset of the file /usr/bin/routerd of the component HTTP Header Handler. The manipulation of the...
CVE-2025-5146 Netcore NBR200V2 HTTP Header routerd passwd_set command injection
A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. This vulnerability affects the function passwdset of the file /usr/bin/routerd of the component HTTP Header Handler. The manipulation of the...
CVE-2025-5146
CVE-2025-5146 affects Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 (up to 20250508). The vulnerability resides in the passwd_set function of /usr/bin/routerd within the HTTP Header Handler, where manipulation of the pwd argument enables remote command injection. The e...
PT-2025-22857 · Netcore · Netcore Nbr100V2 +6
Name of the Vulnerable Software and Affected Versions: Netcore NBR1005GPEV2 versions up to 20250508 Netcore B6V2 versions up to 20250508 Netcore COVER5 versions up to 20250508 Netcore NAP830 versions up to 20250508 Netcore NAP930 versions up to 20250508 Netcore NBR100V2 versions up to 20250508...
CVE-2025-0697
A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the attack remotely...
CVE-2023-4463
A vulnerability classified as problematic was found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument Cookie leads to denial of service. The attack can be initiated remotely. The exploit...
CVE-2023-4965
A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been...
CVE-2019-25101
A vulnerability classified as critical has been found in OnShift TurboGears 1.0.11.10. This affects an unknown part of the file turbogears/controllers.py of the component HTTP Header Handler. The manipulation leads to http response splitting. It is possible to initiate the attack remotely...
D-Link DIR-880L /htdocs/ssdpcgi File Command Injection Vulnerability
The D-Link DIR-880L is a dual-band Gigabit wireless router from China's AUO D-Link. The D-Link DIR-880L suffers from a command injection vulnerability, which arises from the failure of the file /htdocs/ssdpcgi in the component Request Header Handler to correctly filter the constructed command...
CVE-2025-4328
A vulnerability was found in fp2952 spring-cloud-base up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa. It has been declared as problematic. Affected by this vulnerability is the function sendBack of the file...
CVE-2025-4341 D-Link DIR-880L Request Header ssdpcgi sub_16570 command injection
A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command...
CVE-2025-4328
A vulnerability was found in fp2952 spring-cloud-base up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa. It has been declared as problematic. Affected by this vulnerability is the function sendBack of the file...
spring-cloud-base 安全漏洞
spring-cloud-base is an application by fp2952 individual developer. A security vulnerability exists in spring-cloud-base, which originates in the component HTTP Header Handler in the file /spring-cloud-base-master/auth-center/auth-center-provider/src/main/java/com/...
PT-2025-19924 · Unknown · Spring-Cloud-Base
Name of the Vulnerable Software and Affected Versions: spring-cloud-base versions up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa Description: A problem has been declared in the function sendBack of the file...
The vulnerability of the HeaderHandler component in the Java framework of Apache Camel allows a attacker to compromise the integrity and accessibility of the protected information.
The vulnerability of the Header Handler component in the Java framework Apache Camel is related to the lack of measures taken to neutralize internal special elements. Exploiting this vulnerability allows a remote attacker to compromise the integrity and accessibility of the protected information...