33 matches found
CVE-2026-35520
FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...
CVE-2026-35520
FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...
CVE-2026-35520 Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline Injection
FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...
CVE-2026-35520
FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...
EUVD-2026-19713
FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...
CVE-2026-35520 Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline Injection
FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...
PT-2026-30885
FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...
CVE-2026-4203
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...
EUVD-2005-0877
Malware in sbrugna...
CVE-2019-14918
XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etcro/web/internet/dhcpcliinfo.asp...
openSUSE: Security Advisory for connman (openSUSE-SU-2023:0369-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2020-6849
Name of the Vulnerable Software and Affected Versions Pi-hole Web version 4.3.2 Description The issue allows remote code execution by privileged dashboard users via a crafted DHCP static lease. This is due to the failure to neutralize special elements used in the operating system command...
Billion Smart Energy Router SG600R2 DHCP Lease Status Form Cross-Site Scripting Vulnerability
The Billion Smart Energy Router SG600R2 is a router device. A cross-site scripting vulnerability exists in the Billion Smart Energy Router SG600R2 DHCP lease status form, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain...
CVE-2019-14918
XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etcro/web/internet/dhcpcliinfo.asp...
ASUS RT-AC58U Information Disclosure Vulnerability
ASUS RT-AC58U is a wireless router product from ASUS. A security vulnerability exists in ASUS RT-AC58U version 3.0.0.4.3806516. The vulnerability can be exploited by a remote attacker to obtain the hostname and IP address by reading the dhcpLeaseInfo data in the HTML source code of the...
Code injection
On ASUS RT-AC58U 3.0.0.4.3806516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the MainLogin.asp page...
CVE-2018-18287
On ASUS RT-AC58U 3.0.0.4.3806516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the MainLogin.asp page...
CVE-2018-16055
An authenticated command injection vulnerability exists in statusinterfaces.php via dhcprelinquishlease in pfSense before 2.4.4 due to its passing user input from the $POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGU...
Command injection
An authenticated command injection vulnerability exists in statusinterfaces.php via dhcprelinquishlease in pfSense before 2.4.4 due to its passing user input from the $POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGU...
How to use Citrix App Layering with Fixed IP Addresses
In App Layering, the ELM needs to be able to determine which NIC device is the "active" NIC. The ELM must determine the active NIC in orderto properly merge network instances and services from different layers, howeverthere's no flag in the registry that identifies the NIC that will be used to...