
383 matches found

OSV
added 2025/07/21 1:15 a.m. · 1 view

CVE-2025-7914

A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely...

CVSS 8.7 · AI score 6.2
Exploits: 0 · References: 5

CNNVD
added 2025/07/21 12:0 a.m. · 1 view

Tenda AC6 Security Vulnerability

Tenda AC6 is a dual-band wireless router that supports IPv4 and IPv6 protocols and is designed for home network environments. Tenda AC6 suffers from a buffer overflow vulnerability, which arises because the httpd component function setparentcontrolinfo fails to correctly validate the length of t...

CVSS 9 · AI score 8.2 · EPSS 0.00749
Exploits: 0 · References: 6

RedhatCVE
added 2025/05/22 3:25 p.m. · 24 views

CVE-2020-27715

On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, a crafted TLS request to the BIG-IP management interface via port 443 can cause high (100%) CPU utilization by the httpd daemon...

CVSS 7.8 · AI score 6.8 · EPSS 0.0105
Exploits: 0

RedhatCVE
added 2025/05/22 12:6 p.m. · 8 views

CVE-2012-4443

Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access...

CVSS 6.9 · AI score 7.1 · EPSS 0.00377
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 11:15 a.m. · 5 views

CVE-2013-2183

Monkey HTTP Daemon has local security bypass...

CVSS 7.1 · AI score 6.9 · EPSS 0.00415
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 6:17 a.m. · 7 views

CVE-2013-2159

Monkey HTTP Daemon: broken user name authentication...

CVSS 9.8 · AI score 7 · EPSS 0.02834
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 5:37 a.m. · 4 views

CVE-2013-2181

Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name...

CVSS 4.3 · AI score 6 · EPSS 0.0267
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 2:27 a.m. · 6 views

CVE-2012-4442

Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check...

CVSS 4.7 · AI score 6.7 · EPSS 0.00313
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/21 8:34 p.m. · 6 views

CVE-2002-2154

Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences...

CVSS 5 · AI score 7.1 · EPSS 0.07566
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/21 6:24 p.m. · 4 views

CVE-1999-0267

Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution...

CVSS 7.5 · AI score 7.5 · EPSS 0.10236
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/06 4:20 a.m. · 7 views

CVE-2021-4030

A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts...

CVSS 8.8 · AI score 7.5 · EPSS 0.00422
Exploits: 0 · References: 3

Positive Technologies
added 2024/11/22 12:0 a.m. · 4 views

PT-2024-35418 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.1041 B20240224 Description: The issue arises from the use of the Uci Set function without strict parameter filtering in the shttpd file. This allows an attacker to achieve arbitrary command execution by...

CVSS 9.8 · AI score 7.7 · EPSS 0.01024
Exploits: 0 · References: 4

OSV
added 2024/10/11 4:15 p.m. · 1 view

CVE-2024-47497

An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS). An attacker can send specific HTTPS connection requests to...

CVSS 8.7 · AI score 5.7 · EPSS 0.0058
Exploits: 0 · References: 1

NVD
added 2024/10/11 4:15 p.m. · 9 views

CVE-2024-47497

An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS). An attacker can send specific HTTPS connection requests to...

CVSS 8.7 · EPSS 0.0058
Exploits: 0 · References: 1

Cvelist
added 2024/10/11 3:28 p.m. · 17 views

CVE-2024-47497 Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion

An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS). An attacker can send specific HTTPS connection requests to...

CVSS 8.7 · EPSS 0.0058
Exploits: 0 · References: 1

CVE
added 2024/10/11 3:28 p.m. · 52 views

CVE-2024-47497

CVE-2024-47497 affects Juniper Junos OS on SRX, QFX, MX and EX Series. The vulnerability is an Uncontrolled Resource Consumption in the httpd process when handling certain HTTPS requests, causing unauthenticated, network-based DoS via resource exhaustion and device restart. Affected versions incl...

CVSS 8.7 · AI score 7.6 · EPSS 0.0058
Exploits: 0 · References: 1 · Affected Software: 1

Tenable Nessus
added 2024/10/09 12:0 a.m. · 18 views

Juniper Junos OS Vulnerability (JSA88124)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA88124 advisory. - An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an...

CVSS 8.7 · AI score 5.9 · EPSS 0.0058
Exploits: 0 · References: 2

Positive Technologies
added 2024/09/25 12:0 a.m. · 6 views

PT-2024-7142 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3-S7; Junos OS versions 22.2 prior to 22.2R3-S4; Junos OS versions 22.3 prior to 22.3R3-S3; Junos OS versions 22.4 prior to 22.4R3-S2; Junos OS versions 23.2 prior to 23.2R2-S1; Junos OS versions 23.4 prior to...

CVSS 8.7 · AI score 7.3 · EPSS 0.0058
Exploits: 0 · References: 7

0day.today
added 2024/08/27 12:0 a.m. · 174 views

HughesNet HT2000W Satellite Modem - Password Reset Exploit

Exploit Title: HughesNet HT2000W Satellite Modem Arcadyan httpd 1.0 - Password Reset Exploit Author: Simon Greenblatt Vendor: HughesNet Version: Arcadyan httpd 1.0 Tested on: Linux CVE: CVE-2021-20090 import sys import requests import re import base64 import hashlib import urllib red = "\0330;41m...

CVSS 9.8 · AI score 7.4 · EPSS 0.99983
Exploits: 5

Redos
added 2024/08/16 12:0 a.m. · 16 views

ROS-20240816-03

A vulnerability in HTTP Daemon is related to inconsistent interpretation of HTTP requests when processing 'Content-Length' string values. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate their privileges by sending...

CVSS 7.3 · AI score 7.3 · EPSS 0.01688
Exploits: 1