The vulnerability of httpd-demon in NETGEAR’s integrated router software—NETGEAR R6400, NETGEAR R6400v2, NETGEAR R6700v3, NETGEAR R6900P, NETGEAR R7000, NETGEAR R7000P, NETGEAR R8500, NETGEAR RAX15, NETGEAR RAX20, NETGEAR RAX35v2, NETGEAR RAX38v2, NETGEAR RAX40v2, NETGEAR RAX42, NETGEAR RAX43, NETGEAR RAX45, NETGEAR RAX48, NETGEAR RAX50, NETGEAR RAX50S, NETGEAR RS400, NETGEAR R7100LG, NETGEAR LAX20, NETGEAR CAX80, NETGEAR MR80, NETGEAR MS80—allows a hacker to bypass authentication.

The vulnerability of httpd-demon in NETGEAR’s integrated router software—NETGEAR R6400, NETGEAR R6400v2, NETGEAR R6700v3, NETGEAR R6900P, NETGEAR R7000, NETGEAR R7000P, NETGEAR R8500, NETGEAR RAX15, NETGEAR RAX20, NETGEAR RAX35v2, NETGEAR RAX38v2, NETGEAR RAX40v2, NETGEAR RAX42, NETGEAR RAX43,...

CVE-2022-28380

The rc-httpd component through 2022-03-31 for 9front Plan 9 fork allows ..%2f directory traversal if serve-static is used...

CVE-2022-28380

The rc-httpd component through 2022-03-31 for 9front Plan 9 fork allows ..%2f directory traversal if serve-static is used...

CVE-2022-28380

The rc-httpd component through 2022-03-31 for 9front Plan 9 fork allows ..%2f directory traversal if serve-static is used...

Directory traversal

The rc-httpd component through 2022-03-31 for 9front Plan 9 fork allows ..%2f directory traversal if serve-static is used...

CVE-2022-28380

CVE-2022-28380 affects the rc-httpd component in plan9front (9front fork) up to 2022-03-31. The issue enables directory traversal via a crafted path containing ..%2f when serve-static is used, exposing potential access to restricted files. The connected sources confirm the vulnerable component an...

CVE-2022-28380

The rc-httpd component through 2022-03-31 for 9front Plan 9 fork allows ..%2f directory traversal if serve-static is used...

RHEL 7 : httpd (RHSA-2022:1137)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1137 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modlua: Possible...

RHEL 7 : httpd (RHSA-2022:1136)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1136 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modlua: Possible...

RHEL 7 : httpd (RHSA-2022:1138)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1138 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modlua: Possible...

RHEL 7 : httpd (RHSA-2022:1139)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1139 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modlua: Possible...

httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact...

httpd: mod_lua: Possible buffer overflow when parsing multipart content

A buffer overflow flaw in httpd's lua module could allow an out-of-bounds write. An attacker who is able to submit a crafted request to an httpd instance that is using the lua module may be able to cause an impact to confidentiality, integrity, and/or availability...

httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

httpd: mod_lua: Possible buffer overflow when parsing multipart content

A buffer overflow flaw in httpd's lua module could allow an out-of-bounds write. An attacker who is able to submit a crafted request to an httpd instance that is using the lua module may be able to cause an impact to confidentiality, integrity, and/or availability...

httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...

httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...