Lucene search
+L

36 matches found

ATTACKERKB
ATTACKERKB
added 2023/07/06 2:15 a.m.3 views

CVE-2022-46080

Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET...

9.8CVSS7.5AI score0.02556EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/01/09 12:0 a.m.8 views

Linksys WRT54GL 缓冲区错误漏洞

The Linksys WRT54GL is a wireless router from Linksys USA. A buffer overflow vulnerability exists in the Linksys WRT54GL Wireless-G Broadband Router. The vulnerability stems from a boundary error in the StartEPI function in the httpd binary when handling untrusted input, and can be exploited by a...

7.2CVSS7.9AI score0.19304EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/11/22 12:0 a.m.4 views

NETGEAR R7000P 缓冲区错误漏洞

The NETGEAR R7000P is Netgear's Nighthawk series of dual-band routers optimized for gaming, streaming and mobile devices. The NETGEAR R7000P suffers from a buffer overflow vulnerability that stems from being affected by the enablebandsteering parameter in /usr/sbin/httpd. No detailed vulnerabilit...

9.8CVSS7.2AI score0.01091EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/19 12:0 a.m.7 views

Tenda AC9 缓冲区错误漏洞

Tenda AC9 is a wireless router from Tenda, China. Tenda AC9 V15.03.2.13 is vulnerable to a buffer overflow vulnerability caused by a stack buffer overflow in formfastsettingwifiset in the httpd server. An authenticated local attacker can exploit this vulnerability to cause a denial of service...

5.5CVSS7AI score0.0024EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/08/10 12:0 a.m.15 views

The vulnerability of the httpd module in DD-WRT microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the httpd module in DD-WRT microprogramming software is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted HTTP request...

5.3CVSS6.8AI score0.01035EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.6 views

InHand Networks InRouter302 缓冲区错误漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, U.S.A. A buffer overflow vulnerability exists in InHand Networks InRouter302 version V3.5.4, which stems from the httpd parsepingresult API function A boundary error occurs when handling untrusted input, which can be...

8.2CVSS8.2AI score0.01256EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/03/01 12:0 a.m.7 views

The vulnerability of the httpd daemon in the microprogramming software of TP-Link’s TL-WR940N router allows a intruder to gain unauthorized access to protected information.

The vulnerability of the httpd daemon in the microprogramming-based router software from TP-Link’s TL-WR940N is related to deficiencies in access control. Exploiting this vulnerability could allow a hacker to gain unauthorized access to protected information...

6.5CVSS6.5AI score0.00585EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/02 12:0 a.m.8 views

The vulnerability of the httpd microprogramming software in NETGEAR Wi-Fi routers such as R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE500, RS400, WNDR3400v3, WNR3500Lv2, D6220, D6400, and wireless repealers like EX6120, EX6130, EX7500, allows a perpetrator to execute arbitrary code.

The vulnerability of the httpd microprogramming software in NETGEAR Wi-Fi routers such as R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE50...

8.8CVSS8AI score0.00576EPSS
Exploits0References4Affected Software35
CNVD
CNVD
added 2020/05/25 12:0 a.m.4 views

Buffer overflow vulnerability in multiple Tenda products (CNVD-2020-31386)

The Tenda AC9, among others, is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in httpd in multiple Tenda products. The vulnerability can be exploited to execute arbitrary code by sending the 'schedStartTime' and 'schedEndTime' parameters to the...

9.8CVSS8.4AI score0.02552EPSS
Exploits1References1
CNVD
CNVD
added 2018/03/06 12:0 a.m.4 views

Tenda AC9 Buffer Overflow Vulnerability

Tenda AC9 is a wireless router product from Tenda, a Chinese company. A stack buffer overflow vulnerability exists in httpd in Tenda AC9. A remote attacker can exploit this vulnerability to cause a denial of service...

9.8CVSS7.5AI score0.01779EPSS
Exploits1References1
CNVD
CNVD
added 2017/02/09 12:0 a.m.4 views

OpenBSD httpd Memory Exhaustion Denial of Service Vulnerability

OpenBSD is a cross-platform, BSD-based UNIX-like operating system developed by the Canadian OpenBSD project. A memory exhaustion denial of service vulnerability exists in the OpenBSD httpd daemon. An attacker can exploit the vulnerability to cause memory exhaustion, resulting in a denial of servi...

7.8CVSS6.7AI score0.17203EPSS
Exploits7References1
OSV
OSV
added 2010/11/22 12:54 p.m.4 views

DEBIAN-CVE-2010-3872

A flaw was found in the modfcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgidbucket.c file in the fcgidheaderbucketread function, resulting in an application crash...

7.5CVSS7.2AI score0.02772EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2009/08/14 12:0 a.m.7 views

PT-2009-5129

Name of the Vulnerable Software and Affected Versions DD-WRT versions prior to build 12533 Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a "cgi-bin/" URI. This is due to a problem in the httpd.c in httpd in the management GUI...

8.3CVSS7.5AI score0.82504EPSS
Exploits7References18
Tenable Nessus
Tenable Nessus
added 2006/09/29 12:0 a.m.31 views

GLSA-200609-20 : DokuWiki: Shell command injection and Denial of Service

The remote host is affected by the vulnerability described in GLSA-200609-20 DokuWiki: Shell command injection and Denial of Service Input validation flaws have been discovered in the image handling of fetch.php if ImageMagick is used, which is not the default method. Impact : A remote attacker...

7.5CVSS6.2AI score0.02162EPSS
Exploits2References4
Gentoo Linux
Gentoo Linux
added 2006/09/28 12:0 a.m.27 views

DokuWiki: Shell command injection and Denial of service

Background DokuWiki is a wiki targeted at developer teams, workgroups and small companies. It does not use a database backend. Description Input validation flaws have been discovered in the image handling of fetch.php if ImageMagick is used, which is not the default method. Impact A remote attack...

7.5CVSS7.2AI score0.02162EPSS
Exploits2
Exploit DB
Exploit DB
added 2000/04/12 12:0 a.m.32 views

TalentSoft Web+ 4.x - Directory Traversal

source: https://www.securityfocus.com/bid/1102/info Web+ is an e-commerce server designed to run under a webserver, to provide web storefronts. The various scripts that are required to do this are specified to the webpsvr daemon via a 'script' variable passed to the webplus CGI. This CGI can be...

7.4AI score
Exploits0
Rows per page
Query Builder