89 matches found

Positive Technologies
added 2025/09/15 12:0 a.m. · 3 views

PT-2025-37457

Name of the Vulnerable Software and Affected Versions: Tenda AC1206 version 15.03.06.23 Description: A stack-based buffer overflow vulnerability exists in the HTTP Request Handler component of the Tenda AC1206. The vulnerability is located in the check param changed function within the...

10 CVSS · 9.7 AI score · 0.01455 EPSS
Exploits: 1 · References: 12

Snyk
added 2025/08/28 9:31 p.m. · 2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to an improper check of complex JSON in the HTTP handler. An attacker can cause excessive memory and CPU consumption by submitting specially-crafted payloads that meet the default...

8.7 CVSS · 6.8 AI score · 0.00697 EPSS
Exploits: 0 · References: 2

Snyk
added 2025/08/28 9:31 p.m. · 1 view

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to an improper check of complex JSON in the HTTP handler. An attacker can cause excessive memory and CPU consumption by submitting specially-crafted payloads that meet the default...

8.7 CVSS · 7 AI score · 0.00697 EPSS
Exploits: 0 · References: 2

CNVD
added 2025/07/21 12:0 a.m. · 2 views

D-Link DI-8100 /jingx.asp File Buffer Overflow Vulnerability

The D-Link DI-8100 is a broadband router from D-Link designed for small to medium-sized network environments, supporting up to 4 Internet ports and 4 LAN ports for up to 80 simultaneous users. The D-Link DI-8100 suffers from a buffer overflow vulnerability that originates from the failure of the...

8.6 CVSS · 8.2 AI score · 0.00885 EPSS
Exploits: 1 · References: 1

CNNVD
added 2025/07/14 12:0 a.m. · 2 views

D-Link DI-8100 Security Vulnerability

The D-Link DI-8100 is a broadband router from D-Link designed for small to medium-sized network environments, supporting up to 4 Internet ports and 4 LAN ports for up to 80 simultaneous users. The D-Link DI-8100 suffers from a buffer overflow vulnerability that originates from the failure of the...

8.6 CVSS · 7.6 AI score · 0.00885 EPSS
Exploits: 1 · References: 6

CNVD
added 2025/06/27 12:0 a.m. · 2 views

AUO DIR-825 sub_4091AC Function Buffer Overflow Vulnerability

The AUO DIR-825 is a dual-band wireless router from AUO D-Link, mainly for SMB and SOHO environments. The AUO DIR-825 suffers from a buffer overflow vulnerability, which originates from the failure of the sub_4091AC function in the HTTP POST Request Handler component to correctly validate the leng...

9 CVSS · 8.2 AI score · 0.00893 EPSS
Exploits: 1 · References: 1

OSV
added 2025/06/21 9:15 a.m. · 3 views

CVE-2025-6402

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

8.7 CVSS · 6.3 AI score · 0.00759 EPSS
Exploits: 1 · References: 5

OSV
added 2025/06/10 3:15 a.m. · 2 views

CVE-2025-5911

A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched...

8.8 CVSS · 6.2 AI score
Exploits: 0 · References: 5

CNNVD
added 2025/06/10 12:0 a.m. · 1 view

TOTOLINK EX1200T Security Vulnerability

The TOTOLINK EX1200T is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that originates in the file /boafrm/formReflashClientTbl in the HTTP POST Request Handler component, which can be exploited by an attacker to execute...

9 CVSS · 9.2 AI score · 0.01086 EPSS
Exploits: 1 · References: 5

OSV
added 2025/05/17 10:15 a.m. · 3 views

CVE-2025-4825

A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The...

8.7 CVSS · 6.5 AI score · 0.00667 EPSS
Exploits: 0 · References: 5

OSV
added 2025/03/30 9:15 p.m. · 1 view

CVE-2025-2960

A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is...

7.1 CVSS · 4.8 AI score · 0.0063 EPSS
Exploits: 1 · References: 5

CNNVD
added 2025/03/03 12:0 a.m. · 3 views

D-Link DAP-1562 Security Vulnerability

The D-Link DAP-1562 is a wireless bridge from China's AUO D-Link. The D-Link DAP-1562 suffers from a null pointer dereference vulnerability, which originates from a null pointer dereference to parameter a1 in the HTTP POST Request Handler's function pureauthcheck, for which no detailed...

7.5 CVSS · 6.9 AI score · 0.00961 EPSS
Exploits: 1 · References: 7

Positive Technologies
added 2025/02/15 12:0 a.m. · 9 views

PT-2025-6890 · Unknown · Seventh D-Guard

Name of the Vulnerable Software and Affected Versions: Seventh D-Guard versions up to 20250206 Description: A vulnerability has been found in the HTTP GET Request Handler component of Seventh D-Guard, affecting an unknown part of it. The manipulation leads to path traversal, and it is possible to...

5.3 CVSS · 6.9 AI score · 0.00425 EPSS
Exploits: 0 · References: 9

CNNVD
added 2024/12/27 12:0 a.m. · 2 views

WISI Tangram GT31 Code Issue Vulnerability

WISI Tangram GT31 is a module for a high-density digital platform from WISI. A code issue vulnerability exists in WISI Tangram GT31 20241214 and prior versions that stems from a component HTTP request handler that can lead to server-side request forgery...

6.9 CVSS · 5.6 AI score · 0.00426 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2024/11/22 12:0 a.m. · 4 views

PT-2024-17139 · Ipc · Ipc Unigy Management System

Name of the Vulnerable Software and Affected Versions: IPC Unigy Management System version 04.03.00.08.0027 Description: A critical issue was found in the HTTP Request Handler component, which can lead to server-side request forgery. This issue can be exploited remotely. The exploit has been...

7.5 CVSS · 6.9 AI score · 0.00566 EPSS
Exploits: 0 · References: 8

BDU FSTEC
added 2024/11/14 12:0 a.m. · 3 views

The vulnerability of the /xml/info.xml file of the HTTP GET Request Handler component in D-Link routers such as DNS-320, DNS-320LW, DNS-325, and DNS-340L microprogrammed software systems allows a hacker to disclose confidential information.

The vulnerability of the /xml/info.xml file of the HTTP GET Request Handler component in D-Link DNS-320, DNS-320LW, DNS-325, and DNS-340L microprogrammed software routers is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to disclose...

5.3 CVSS · 6.2 AI score · 0.01464 EPSS
Exploits: 1 · References: 5 · Affected Software: 4

BDU FSTEC
added 2024/07/12 12:0 a.m. · 2 views

The vulnerability of the “Updates Service” software, which allows a hacker to gain access to read local files.

The vulnerability of the “Updates Service” software’s web request handler lies in the lack of limits on authentication attempts. Exploiting this vulnerability can allow a malicious actor to gain read access to local files...

5.8 CVSS · 5.5 AI score
Exploits: 0 · References: 1 · Affected Software: 1

Positive Technologies
added 2024/06/03 12:0 a.m. · 2 views

PT-2024-3954 · Fortinet · Fortiwebmanager

Name of the Vulnerable Software and Affected Versions: Fortinet FortiWebManager versions 6.0.2, 6.2.3 through 6.2.4, 6.3.0, 7.0.0 through 7.0.4, and 7.2.0 Description: The issue is related to an improper authorization in the HTTP Request Handler component of Fortinet FortiWebManager, which can be...

9 CVSS · 7.8 AI score · 0.00651 EPSS
Exploits: 0 · References: 10

Positive Technologies
added 2024/01/25 12:0 a.m. · 3 views

PT-2024-15890 · Unknown · Spycamlizard

Name of the Vulnerable Software and Affected Versions: SpyCamLizard version 1.230 Description: A vulnerability has been found in the HTTP GET Request Handler component of SpyCamLizard, affecting an unknown function. This issue leads to denial of service and can be exploited remotely. The exploit...

7.5 CVSS · 7.1 AI score · 0.01371 EPSS
Exploits: 1 · References: 7

Positive Technologies
added 2024/01/19 12:0 a.m. · 3 views

PT-2024-15775 · Unknown · Miczflor Rpi-Jukebox-Rfid

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.5.0 Description: A critical issue affects some unknown functionality of the file userScripts.php of the component HTTP Request Handler. The manipulation of the argument folder with the input ;nc...

9.8 CVSS · 7.1 AI score · 0.01616 EPSS
Exploits: 0 · References: 7