138 matches found
EUVD-2020-21401
Malware in sbrugna...
EUVD-2020-20219
Malware in sbrugna...
CVE-2020-29019
A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...
(Pwn2Own) Lexmark CX331adwe httpd extract-trace Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Lexmark CX331adwe printers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the httpd...
The vulnerability of the formSetCfm() function in the httpd daemon of the wireless access points’ microprogramming software from Tenda i9, which allows a intruder to trigger a service failure.
The vulnerability of the formSetCfm function in the httpd daemon of the microprogrammed wireless access points from Tenda i9 is related to the operation that goes beyond the buffer in memory when processing the funcpara1 parameter. Exploiting this vulnerability could allow a malicious actor to...
The vulnerability of the formwrlSSIDset() function in the httpd daemon of the wireless access point Tenda W6 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formwrlSSIDset function in the httpd daemon of the microprogrammed wireless access points Tenda W6 is related to the operation that goes beyond the buffer in memory when processing the index parameter. Exploiting this vulnerability could allow an attacker to compromise th...
K25691186: BIG-IP Configuration utility vulnerability CVE-2020-27715
Security Advisory Description Crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon. CVE-2020-27715 Impact Unable to access the affected BIG-IP system's Configuration utility. Security Advisory Status F5 Product Development has...
The vulnerability in the httpd-demon of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the httpd daemon in the microprogramming-based routing software of TP-Link Archer C5 version 2 and TP-Link WR710N version 1 is related to buffer overflows during packet processing. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service...
The vulnerability of the httpd daemon in FortiOS operating systems and the proxy server designed to protect against Internet attacks by FortiProxy allows a perpetrator to cause a service failure.
The vulnerability of the httpd daemon in FortiOS operating systems, as well as the proxy server used for protecting against Internet attacks via FortiProxy, is related to writing data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service...
PT-2022-5721 · NetGear · Netgear R7000P
Name of the Vulnerable Software and Affected Versions: Netgear R7000P version 1.3.0.8 Description: The issue is related to a buffer overflow error in the httpd daemon of the NETGEAR R7000P router's software, specifically through the enable band steering parameter. This could allow a remote attack...
PT-2022-5722 · NetGear · Netgear R7000P
Name of the Vulnerable Software and Affected Versions: Netgear R7000P version 1.3.1.64 Description: The issue is related to buffer overflow errors in the httpd daemon of the NETGEAR R7000P router's embedded software. These errors occur through the starthour, startminute, endhour, and endminute...
The vulnerability of the httpd daemon in the microprogramming software of TP-Link’s TL-WR841N routers allows a hacker to execute arbitrary code.
The vulnerability of the httpd daemon in the microprogramming-based router software from TP-Link’s TL-WR841N is related to reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2022-30024
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...
Buffer overflow
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...
CVE-2022-30024
CVE-2022-30024 is a buffer overflow in the TP-Link TL-WR841N series httpd daemon (firmware version 3.16.9 and earlier) that allows an authenticated remote attacker to execute arbitrary code by sending a GET request to the System Tools page. Affected devices include TL-WR841N V12 (EU/other regiona...
CVE-2022-30024
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...
PT-2022-3664 · Tp Link · Tp-Link Tl-Wr841N
Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N versions 3.16.9 and earlier Description: A buffer overflow in the httpd daemon allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This...
CVE-2019-17656
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is...
CVE-2019-17656
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is...
CVE-2020-29019
A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...