9786 matches found
CVE-2025-5905 TOTOLINK T10 POST Request cstecgi.cgi setWiFiRepeaterCfg buffer overflow
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been rated as critical. Affected by this issue is the function setWiFiRepeaterCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument Password leads to buffer overflow. The attack m...
CVE-2025-5905
CVE-2025-5905 affects TOTOLINK T10 v4.1.8cu.5207. The vulnerability is in the POST Request Handler, specifically the function setWiFiRepeaterCfg in the file /cgi-bin/cstecgi.cgi where manipulation of the Password parameter leads to a buffer overflow. The issue can be exploited remotely and the ex...
CVE-2025-5901
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...
CVE-2025-5901 TOTOLINK T10 POST Request cstecgi.cgi UploadCustomModule buffer overflow
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...
perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library
A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c...
TRENDnet TV-IP121W Authorization Issue Vulnerability
TRENDnet TV-IP121W is a night vision wireless camera from Trendnet. An authorization issue vulnerability exists in TRENDnet TV-IP121W version 1.1.1 Build 36, which stems from improper authentication in the file /admin/setup.cgi...
TOTOLINK T10 Security Vulnerability
The TOTOLINK T10 is a dual-band mesh networking router from TOTOLINK for full coverage needs of home and office networks. A buffer overflow vulnerability exists in TOTOLINK T10. The vulnerability stems from incorrect manipulation of the parameter desc in the file /cgi-bin/cstecgi.cgi. An attacker...
MGASA-2025-0177 Updated tomcat packages fix security vulnerability
Security constraint bypass for CGI scripts. CVE-2025-46701...
Updated tomcat packages fix security vulnerability
Security constraint bypass for CGI scripts. CVE-2025-46701...
RHEL 10 : ruby (RHSA-2025:8131)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8131 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Apache Tomcat 10.1.0-M1 < 10.1.41 CGI Security Constraint Bypass
The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.105, 10.1.0-M1 prior to 10.1.41 or 11.0.0-M1 prior to 11.0.7. It is, therefore, affected by a CGI security constraint bypass. Note that the scanner has not attempted to exploit these issues but has instead relied...
Apache Tomcat 9.0.0-M1 < 9.0.105 CGI Security Constraint Bypass
The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.105, 10.1.0-M1 prior to 10.1.41 or 11.0.0-M1 prior to 11.0.7. It is, therefore, affected by a CGI security constraint bypass. Note that the scanner has not attempted to exploit these issues but has instead relied...
Apache Tomcat 11.0.0-M1 < 11.0.7 CGI Security Constraint Bypass
The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.105, 10.1.0-M1 prior to 10.1.41 or 11.0.0-M1 prior to 11.0.7. It is, therefore, affected by a CGI security constraint bypass. Note that the scanner has not attempted to exploit these issues but has instead relied...
PT-2025-23480 · Multilaser · Multilaser Sirius Re016 Mlt1.0
Name of the Vulnerable Software and Affected Versions: Multilaser Sirius RE016 MLT1.0 Description: A problem was found in the processing of the file /cgi-bin/cstecgi.cgi, which leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and...
WAVLINK Multiple Products Security Vulnerability
WAVLINK is a router from China Ruiyin WAVLINK. It is a hardware device that connects two or more networks and acts as a gateway between networks. A security vulnerability exists in several WAVLINK products, which originates from a buffer overflow in the parameter loginpage in the file...
CVE-2025-46701
A flaw was found in the CGI servlet component of Apache Tomcat. This vulnerability allows a security constraint bypass via improper handling of case sensitivity in the pathInfo component of a URI mapped to the CGI servlet. Mitigation: Mitigation is either unavailable or does not meet Red Hat Produ...
Apache Tomcat CGI Security Constraint Bypass Vulnerability (May 2025) - Windows
Apache Tomcat is prone to a CGI security constraint bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache Tomcat CGI Security Constraint Bypass Vulnerability (May 2025) - Linux
Apache Tomcat is prone to a CGI security constraint bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Improper Handling of Case Sensitivity
Overview: org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the pathInfo component of a URI mapped to the CGI servlet. An attacker can bypass security constraints that apply to the...
GHSA-H2FW-RFH5-95R3 Apache Tomcat - CGI security constraint bypass
Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1...