Buffer overflow

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19multiTD01, AC9 V1.0 V15.03.05.196318CN, AC9 V3.0 V15.03.06.42multi, AC15 V1.0 V15.03.05.19multiTD01, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the...

Buffer overflow

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19multiTD01, AC9 V1.0 V15.03.05.196318CN, AC9 V3.0 V15.03.06.42multi, AC15 V1.0 V15.03.05.19multiTD01, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the...

CVE-2020-13389

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19multiTD01, AC9 V1.0 V15.03.05.196318CN, AC9 V3.0 V15.03.06.42multi, AC15 V1.0 V15.03.05.19multiTD01, and AC18 V15.03.05.196318CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the...

CVE-2020-13391

CVE-2020-13391 affects Tenda AC6/AC9/AC15/AC18 devices (various firmwares). A buffer overflow exists in the httpd when handling the POST /goform/SetSpeedWan with the speed_dir parameter, where the input is directly used in a sprintf to a local stack variable, overwriting the return address and en...

CVE-2020-13393

CVE-2020-13393 affects multiple Tenda routers (e.g., AC6/AC9/AC15/AC18) where the httpd web server mishandles POST data to /goform/saveParentControlInfo. The root cause is a buffer overflow: a value from the deviceId and time parameters is copied via strcpy into a stack variable, overwriting the ...

PT-2020-13516 · Tenda · Tenda Ac6 +3

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 1.0 V15.03.05.19 multi TD01 Tenda AC9 version 1.0 V15.03.05.196318 CN Tenda AC9 version 3.0 V15.03.06.42 multi Tenda AC15 version 1.0 V15.03.05.19 multi TD01 Tenda AC18 version 15.03.05.196318 CN Description: A buffer overfl...

Amazon Linux 2 : httpd (ALAS-2020-1427)

The version of httpd installed on the remote host is prior to 2.4.43-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1427 advisory. In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server...

Open Redirection

httpd is vulnerable to open redirection. The modrewrite configurations is vulnerable to open redirect due to lack of validation in the URL...

Security Bulletin: Vulnerability in Apache HTTPD affects IBM Integrated Analytics System

Summary Apache HTTPD is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-1312 DESCRIPTION: Apache HTTPD could allow a remote attacker to bypass security restrictions, caused by the failure to properly...

EulerOS Virtualization for ARM 64 3.0.2.0 : httpd (EulerOS-SA-2020-1552)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1552)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Juniper Networks Junos OS Service Has Security Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS in J-Web and Web HTTP/HTTPS based services. An attacker could...

Photon OS 1.0: Httpd PHSA-2020-1.0-0290

An update of the httpd package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0290. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136106...

CVE-2020-8798

httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to change or access router settings by connecting to the unauthenticated setup3.htm endpoint from the local network...

CVE-2020-8798

httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to change or access router settings by connecting to the unauthenticated setup3.htm endpoint from the local network...

Design/Logic Flaw

httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to change or access router settings by connecting to the unauthenticated setup3.htm endpoint from the local network...

CVE-2020-8798

httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to change or access router settings by connecting to the unauthenticated setup3.htm endpoint from the local network...

CVE-2020-8798

The vulnerability CVE-2020-8798 affects Juplink RX4-1500 routers (firmware versions v1.0.3–v1.0.5). The httpd service exposes an unauthenticated setup3.htm endpoint on the local network, which allows remote attackers to change or access router settings. The exposed detail in connected CNVD/NVD en...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0290

An update of 'openjdk', 'linux', 'openjdk11', 'envoy', 'linux-esx', 'httpd', 'PyYAML', 'systemd' packages of Photon OS has been released...

Photon OS 2.0: Httpd PHSA-2020-2.0-0228

An update of the httpd package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0228. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid135864...