36 matches found
CVE-2022-46080
Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET...
Linksys WRT54GL 缓冲区错误漏洞
The Linksys WRT54GL is a wireless router from Linksys USA. A buffer overflow vulnerability exists in the Linksys WRT54GL Wireless-G Broadband Router. The vulnerability stems from a boundary error in the StartEPI function in the httpd binary when handling untrusted input, and can be exploited by a...
NETGEAR R7000P 缓冲区错误漏洞
The NETGEAR R7000P is Netgear's Nighthawk series of dual-band routers optimized for gaming, streaming and mobile devices. The NETGEAR R7000P suffers from a buffer overflow vulnerability that stems from being affected by the enablebandsteering parameter in /usr/sbin/httpd. No detailed vulnerabilit...
Tenda AC9 缓冲区错误漏洞
Tenda AC9 is a wireless router from Tenda, China. Tenda AC9 V15.03.2.13 is vulnerable to a buffer overflow vulnerability caused by a stack buffer overflow in formfastsettingwifiset in the httpd server. An authenticated local attacker can exploit this vulnerability to cause a denial of service...
The vulnerability of the httpd module in DD-WRT microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the httpd module in DD-WRT microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted HTTP request...
InHand Networks InRouter302 缓冲区错误漏洞
InHand Networks InRouter Series is a series of routers from InHand Networks, U.S.A. A buffer overflow vulnerability exists in InHand Networks InRouter302 version V3.5.4, which stems from the httpd parsepingresult API function A boundary error occurs when handling untrusted input, which can be...
The vulnerability of the httpd daemon in the microprogramming software of TP-Link’s TL-WR940N router allows a intruder to gain unauthorized access to protected information.
The vulnerability of the httpd daemon in the microprogramming-based router software from TP-Link’s TL-WR940N is related to deficiencies in access control. Exploiting this vulnerability could allow a hacker to gain unauthorized access to protected information...
The vulnerability of the httpd microprogramming software in NETGEAR Wi-Fi routers such as R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE500, RS400, WNDR3400v3, WNR3500Lv2, D6220, D6400, and wireless repealers like EX6120, EX6130, EX7500, allows a perpetrator to execute arbitrary code.
The vulnerability of the httpd microprogramming software in NETGEAR Wi-Fi routers such as R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE50...
Buffer overflow vulnerability in multiple Tenda products (CNVD-2020-31386)
The Tenda AC9, among others, is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in httpd in multiple Tenda products. The vulnerability can be exploited to execute arbitrary code by sending the 'schedStartTime' and 'schedEndTime' parameters to the...
Tenda AC9 Buffer Overflow Vulnerability
Tenda AC9 is a wireless router product from Tenda, a Chinese company. A stack buffer overflow vulnerability exists in httpd in Tenda AC9. A remote attacker can exploit this vulnerability to cause a denial of service...
OpenBSD httpd Memory Exhaustion Denial of Service Vulnerability
OpenBSD is a cross-platform, BSD-based UNIX-like operating system developed by the Canadian OpenBSD project. A memory exhaustion denial of service vulnerability exists in the OpenBSD httpd daemon. An attacker can exploit the vulnerability to cause memory exhaustion, resulting in a denial of servi...
DEBIAN-CVE-2010-3872
A flaw was found in the modfcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgidbucket.c file in the fcgidheaderbucketread function, resulting in an application crash...
PT-2009-5129
Name of the Vulnerable Software and Affected Versions DD-WRT versions prior to build 12533 Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a "cgi-bin/" URI. This is due to a problem in the httpd.c in httpd in the management GUI...
GLSA-200609-20 : DokuWiki: Shell command injection and Denial of Service
The remote host is affected by the vulnerability described in GLSA-200609-20 DokuWiki: Shell command injection and Denial of Service Input validation flaws have been discovered in the image handling of fetch.php if ImageMagick is used, which is not the default method. Impact : A remote attacker...
DokuWiki: Shell command injection and Denial of service
Background DokuWiki is a wiki targeted at developer teams, workgroups and small companies. It does not use a database backend. Description Input validation flaws have been discovered in the image handling of fetch.php if ImageMagick is used, which is not the default method. Impact A remote attack...
TalentSoft Web+ 4.x - Directory Traversal
source: https://www.securityfocus.com/bid/1102/info Web+ is an e-commerce server designed to run under a webserver, to provide web storefronts. The various scripts that are required to do this are specified to the webpsvr daemon via a 'script' variable passed to the webplus CGI. This CGI can be...