Denial Of Service (DoS)

Python is vulnerable to denial of serviceDoS. Due to a flaw found in the way the Python CGIHTTPServer module processed certain HTTP GET requests, a remote attacker could use a specially-crafted request to obtain the CGI script's source code...

Arbitrary Command Execution

redhat-ds-admin is vulnerable to arbitrary command execution. The vulnerability exists as a shell command injection flaw was discovered in the Red Hat Administration Server replication monitor CGI script used by Red Hat Directory Server 8.0. An attacker with access to the replication monitor web...

Arbitrary Code Execution

cups is vulnerable to arbitrary code execution. The vulnerability exists as a heap buffer overflow flaw was found in a CUPS administration interface CGI script. A local attacker able to connect to the IPP port TCP port 631 could send a malicious request causing the script to crash or, potentially...

CVE-2019-16072

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action...

Command injection

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action...

CVE-2019-16072

An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action...

CVE-2019-19945

uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large...

Integer overflow

uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large...

CVE-2019-19945

uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large...

CVE-2016-5388

It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker coul...

EulerOS Virtualization for ARM 64 3.0.2.0 : pcre (EulerOS-SA-2020-1219)

According to the version of the pcre packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain...

D-Link DIR-825 and TRENDnet TEW-632BRP Command Injection Vulnerability (CNVD-2020-16100)

The D-Link DIR-825 is an AC 1200 Wi-Fi dual-band Gigabit LAN/WAN router.The TRENDnet TEW-632BRP is a 300Mbps wireless home router. A command injection vulnerability exists in the D-Link DIR-825 and TRENDnet TEW-632BRP. A remote attacker can exploit this vulnerability to execute arbitrary commands...

CVE-2020-8126

A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user Privilege-1 to escalate privileges and became administrator Privilege-15...

Privilege escalation

A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user Privilege-1 to escalate privileges and became administrator Privilege-15...

CVE-2020-8126

The CVE-2020-8126 case affects Ubiquiti EdgeSwitch before version 1.7.1, where a CGI script does not fully sanitize user input, enabling local command execution. An operator-privilege user (Privilege-1) can escalate to administrator (Privilege-15). The issue is triggered via crafted input in the ...

Huawei EulerOS: Security Advisory for pcre (EulerOS-SA-2019-2486)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Advisory 2020-01-13-1 - uhttpd invalid data access via HTTP POST request (CVE-2019-19945)

DESCRIPTION An invalid data access can be triggered with an HTTP POST request to a CGI script specifying both Transfer-Encoding: chunked and a large Content-Length which exceeds 2^31 and is interpreted as a signed negative number. The negative content length is assigned to r→contentlength in...

CVE-2019-7485

Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier...

CVE-2019-7485

CVE-2019-7485 affects the SonicWall SMA100 appliance (firmware versions up to 9.0.0.3). The root cause is a buffer overflow in the DEARegister CGI script , exploitable by an authenticated user to execute arbitrary code on the device . Affected product: SMA100; impact includes potential control ov...

CVE-2019-7486

Code injection in SonicWall SMA100 allows an authenticated user to execute arbitrary code in viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.4 and earlier...