3058 matches found
CVE-2026-50651
.NET Denial of Service Vulnerability - HTTP/2 SETTINGS/PING ACK flood causing OOM...
CVE-2026-15429
A privilege escalation vulnerability exists in the HTTP authentication component in Archer VX1800v v1. Improper handling of user-controlled input may allow newline characters to be injected into internally constructed configuration data. An authenticated user with sufficient privileges may be abl...
CVE-2026-27690
Due to an HTTP Request Smuggling vulnerability in SAP Approuter, an unauthenticated attacker could send a specially crafted HTTP request that leads to request-response desynchronization. This could result in the exposure of user responses and cause the system to become unavailable. This leads to ...
CVE-2026-62186
OpenClaw versions before 2026.6.8 contain an authorization bypass vulnerability in OpenAI-compatible HTTP model overrides that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconfigured input paths to bypass admin authorization...
firefox: thunderbird: Use-after-free in the Networking: HTTP component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Networking: HTTP component...
UBUNTU-CVE-2026-15146
GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s data connection to an arbitrary IP address and port. This allows an...
Linux Distros Unpatched Vulnerability : CVE-2026-15146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that...
CVE-2026-55213
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...
CVE-2026-15146
GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s data connection to an arbitrary IP address and port. This allows an...
FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/vncinject/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show options...
FTP Fetch, Windows Command Shell, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/ftp/x86/shell/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION...
FTP Fetch, Windows Disable Windows ICF, Command Shell, Bind TCP Inline
Fetch and execute an x86 payload from an FTP server. Disable the Windows ICF, then listen for a connection and spawn a command shell Module Options msf use payload/cmd/windows/ftp/x86/shellbindtcpxpfw msf payloadshellbindtcpxpfw show actions ...actions... msf payloadshellbindtcpxpfw set ACTION ms...
FTP Fetch, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/vncinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show and se...
FTP Fetch, Windows Upload/Execute, Reverse UDP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/ftp/x86/upexec/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf...
FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/upexec/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf...
FTP Fetch, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/ftp/x86/peinject/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf payloadreversetcpuuid show...
FTP Fetch, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/peinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show and set...
FTP Fetch, Bind TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for a connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/vncinject/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf payloadbindtcpuuid show optio...
FTP Fetch, Bind TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an FTP server. Listen for a connection No NX Module Options msf use payload/cmd/windows/ftp/x86/vncinject/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show options ...show and set...
FTP Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/ftp/x86/vncinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...