CVE-2022-30024

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

Buffer overflow

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

CVE-2022-30024

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

CVE-2022-30024

CVE-2022-30024 is a buffer overflow in the TP-Link TL-WR841N series httpd daemon (firmware version 3.16.9 and earlier) that allows an authenticated remote attacker to execute arbitrary code by sending a GET request to the System Tools page. Affected devices include TL-WR841N V12 (EU/other regiona...

PT-2022-3664 · Tp Link · Tp-Link Tl-Wr841N

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N versions 3.16.9 and earlier Description: A buffer overflow in the httpd daemon allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2025)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2053)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : httpd (EulerOS-SA-2022-2025)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for...

Fedora: Security Advisory for httpd (FEDORA-2022-b54a8dee29)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: A security vulnerability has been identified in Apache Subversion shipped with IBM Tivoli Netcool Impact (CVE-2022-24070)

Summary Apache Subversion is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting Apache Subversion has been published in a security bulletin. Vulnerability Details CVEID: CVE-2022-24070 DESCRIPTION: Apache Subversion is vulnerable to a denial of service,...

The vulnerability of the httpd module of the microprogramming system used in Tenda AC18 routers allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the httpd microprogramming system for the Tenda AC18 router is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information by using...

CLSA-2022-1656958887 Fixed CVE-2022-31813 in httpd-43.module_el8.5.0+2067+6f259f31.tuxcare.els7

ELS-190: Fix undefined reference to PROXYSHOULDPING100CONTINUE in approxycreatehdrbrgd that occured in httpd-2.4.37-CVE-2022-31813.patch...

Fedora: Security Advisory for httpd (FEDORA-2022-e620fb15d5)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Privilege escalation

Nucleus CMS v3.71 is affected by a file upload vulnerability. In this vulnerability, we can use upload to change the upload path to the path without the Htaccess file. Upload an Htaccess file and write it to AddType application / x-httpd-php.jpg. In this way, an attacker can upload a picture with...

Apache HTTPD Server ap_escape_html2 Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache HTTPD Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apescapehtml2 function. The issue results from the lack of proper validation of...

Fixed CVEs in httpd: CVE-2022-31813, CVE-2022-28615, CVE-2022-26377

CVE-2022-26377: modproxyajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch - CVE-2022-31813: modproxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded- headers correctly...

CLSA-2022-1656430723 Fixed CVEs in httpd: CVE-2022-28615, CVE-2022-31813, CVE-2022-26377

CVE-2022-26377: modproxyajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch - CVE-2022-31813: modproxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded- headers correctly...

CLSA-2022-1656429967 Fixed CVEs in httpd-39.module_el8.4.0+2061+54659116.1.tuxcare.centos8.4-els: CVE-2022-28615, CVE-2022-31813, CVE-2022-30556, CVE-2022-26377, CVE-2022-30522

CVE-2022-30522: modsed: limit memory usage - CVE-2022-26377: modproxyajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch - CVE-2022-30556: modlua: fix r:wsread to not return length that point past the end of the storage allocated for the buffer -...

Critical Photon OS Security Update - PHSA-2022-0409

Updates of 'linux-esx', 'linux-secure', 'linux-aws', 'linux-rt', 'linux', 'httpd' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2022-3.0-0409

Updates of 'httpd', 'linux', 'linux-rt', 'linux-esx', 'linux-aws', 'linux-secure' packages of Photon OS have been released...