7 matches found
Spring AI: Insufficient Validation causes SSRF when processing multimodal messages with user-supplied URLs
Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery SSRF vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests...
CVE-2026-22742
The provided sources confirm a concrete SSRF vulnerability in Spring AI’s spring-ai-bedrock-converse BedrockProxyChatModel, triggered when processing multimodal messages with user-supplied media URLs. The root cause is insufficient validation of those URLs, allowing the server to issue HTTP reque...
CVE-2020-37096
Edimax EW-7438RPn 1.13 contains a cross-site request forgery vulnerability in the MAC filtering configuration interface. Attackers can craft malicious web pages to trick users into adding unauthorized MAC addresses to the device's filtering rules without their consent...
CVE-2025-3654
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to device hardware information by exploiting insecure API endpoints. Attackers can retrieve device serial numbers and MAC addresses through...
CVE-2022-30728
Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information...
Technicolor TG588V V2 Denial of Service Vulnerability
The Technicolor TG588V V2 is an ADSL VDSL router. A denial of service vulnerability exists in the Technicolor TG588V V2. A remote attacker could exploit this vulnerability to cause a denial of service network outage via a large number of random MAC addresses...
TP-Link WR840N Denial of Service Vulnerability
The TP-Link WR840N is a wireless router product from China P&L TP-LINK. A buffer overflow vulnerability exists in the TP-Link WR840N. A remote attacker can exploit this vulnerability to cause a denial of service loss of connection via a series of packets containing random MAC addresses...