CVE-2025-60689

An unauthenticated command injection vulnerability exists in the StartEPI function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The vulnerability occurs because user-supplied CGI parameters wlant, wlssid, wlrate, ttcpnum, ttcpip, ttcpsize are concatenated in...

CVE-2025-60689

An unauthenticated command injection vulnerability exists in the StartEPI function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The vulnerability occurs because user-supplied CGI parameters wlant, wlssid, wlrate, ttcpnum, ttcpip, ttcpsize are concatenated in...

PT-2025-46868

Name of the Vulnerable Software and Affected Versions Linksys E1200 v2 router firmware versions prior to 2.0.11.001 us Description A flaw exists in the validate static route function of the httpd binary. This function does not properly check the size of data when combining CGI parameters – route...

CVE-2025-60690

CVE-2025-60690 affects Linksys E1200 v2 routers (firmware

CVE-2025-60694

CVE-2025-60694 affects Linksys E1200 v2 routers running firmware 2.0.11.001_us. A stack-based buffer overflow occurs in httpd's validate_static_route function, where CGI params route_ipaddr_0~3, route_netmask_0~3, and route_gateway_0~3 are concatenated into fixed-size buffers (v6, v10, v14) witho...

Linksys E1200 安全漏洞

Linksys E1200 is a router from Linksys USA. A security vulnerability exists in the Linksys E1200 E1200v2.0.11.001us.tar.gz version, which originates from a stack buffer overflow in the httpd binary, which could lead to the execution of arbitrary code or a denial of service...

PT-2025-46865

Name of the Vulnerable Software and Affected Versions Linksys E1200 v2 routers versions prior to v2.0.11.001 us Description A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers. The apply cgi and block cgi functions copy user-supplied input from the url CGI paramet...

CVE-2025-60691

A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The applycgi and blockcgi functions copy user-supplied input from the "url" CGI parameter into stack buffers v36, v29 using sprintf without bounds checking. Because these buffe...

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2025-2415)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications...

EulerOS 2.0 SP12 : httpd (EulerOS-SA-2025-2328)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2359)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2328)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.

Summary IBM Maximo Application Suite uses "form-data 4.0.0, org.apache.cxfcxf-core 3.6.7 , net/http/internal v1.24.1, braces 3.0.2 , cross-spawn 7.0.3 , crypto/x509 1.24.1 1.24.3 , github.com/golang-jwt/jwt/v4 github.com/golang-jwt/jwt/v5 v4.5.0 v5.2.1 , httpd 2.4.37 , setuptools 78.0.2 75.8.0 ,...

SUSE SLES15 : Recommended update 5.0.5.1 for Multi-Linux Manager Server (SUSE-SU-2025:3825-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:3825-1 advisory. proxy-helm, proxy-httpd-image, proxy-salt-broker-image, proxy-squid-image, proxy-ssh-image, proxy-tftpd- image: - Images rebuilt to the newest version...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2262)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2294)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : httpd (EulerOS-SA-2025-2294)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications...

Brother DCP-J132W Printers Denial of Service (CVE-2017-12568)

Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother DCP-J132W and probably other DCP models allows remote attackers to hang the printer disrupting its network connection by sending a large amount of HTTP packets. This plugin only works with Tenable.ot. Please visit...

[SECURITY] Fedora 41 Update: mod_http2-2.0.35-1.fc41

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

Security update 5.1.1 of SUSE Multi-Linux Manager

This update for SUSE Multi-Linux Manager fixes the following issues: proxy-helm was updated fromv version 5.1.7 to 5.1.9: Version 5.1.9 Chart rebuilt to the newest version with updated dependencies Version 5.1.8 Use traefik.io API group bsc1244919 proxy-httpd-image was updated fromv version 5.1.8...