CVE-2023-34359

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "dojsondecode" function of ej.c, resulting in a DoS condition...

Design/Logic Flaw

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "dojsondecode" function of ej.c, resulting in a DoS condition...

Design/Logic Flaw

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition...

CVE-2023-34359 ASUS RT-AX88U - Out-of-bounds Read - 2

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "dojsondecode" function of ej.c, resulting in a DoS condition...

CVE-2023-34359

ASUS RT-AX88U exposes a DoS vulnerability in httpd caused by a buffer/ej.c do_json_decode() mismanagement. Remote attackers can trigger via specially crafted requests to crash the httpd binary, yielding unauthenticated denial of service. Public sources in the CVE describe the issue as an unauthen...

CVE-2023-34359 ASUS RT-AX88U - Out-of-bounds Read - 2

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "dojsondecode" function of ej.c, resulting in a DoS condition...

CVE-2023-34358 ASUS RT-AX88U - Out-of-bounds Read - 1

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition...

CVE-2023-34358 ASUS RT-AX88U - Out-of-bounds Read - 1

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition...

CVE-2023-34358

The CVE-2023-34358 entry applies to the ASUS RT-AX88U router (httpd). Affected component: httpd, vulnerable in the web.c string comparison when processing a crafted User-Agent, leading to an unauthenticated DoS (remote attacker can crash the httpd binary). Root cause appears to be input handling ...

ASUS RT-AX88U 缓冲区错误漏洞

The ASUS RT-AX88U is a wireless router from Asus China. The ASUS RT-AX88U suffers from a buffer overflow vulnerability that stems from a failure to check the buffer input size, which can be exploited by a remote attacker who can send a specially crafted request to the device, resulting in a crash...

PT-2023-4143 · Asus · Asus Rt-Ax88U

Name of the Vulnerable Software and Affected Versions: ASUS RT-AX88U affected versions not specified Description: The issue is related to an error in the do json decode function of the ej.c file in the ASUS RT-AX88U router's firmware, which can cause a buffer overflow. A remote attacker can explo...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-2462)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-4045 · Asus · Asus Rt-Ax88U

Name of the Vulnerable Software and Affected Versions: ASUS RT-AX88U affected versions not specified Description: The issue is related to an unauthenticated DoS condition in the httpd component of the ASUS RT-AX88U router. A remote attacker can send a specially crafted request containing a specif...

EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2023-2487)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack...

EulerOS Virtualization 2.10.1 : httpd (EulerOS-SA-2023-2462)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack...

EulerOS Virtualization 3.0.6.6 : httpd (EulerOS-SA-2023-2425)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-2425)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-35086 ASUS RT-AX56U V2 & RT-AC86U - Format String -1

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessagenormal function, in the dodetwancgi module of httpd. A remote attacker with administrator privilege can exploit...

PT-2023-4035 · Asus · Asus Rt-Ac86U +1

Name of the Vulnerable Software and Affected Versions: ASUS RT-AX56U V2 version 3.0.0.4.386 50460 ASUS RT-AC86U version 3.0.0.4 386 51529 Description: A format string vulnerability is identified in the ASUS RT-AX56U V2 and RT-AC86U routers. This issue is caused by directly using input as a format...

CVE-2022-46080

Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET...