601 matches found
CVE-2025-8760
CVE-2025-8760 analysis (INSTAR 2K+/4K): A buffer overflow in the fcgi_server component (base64_decode) is triggered by manipulating the Authorization argument, allowing remote exploitation in INSTAR 2K+ and 4K, version 3.11.1 Build 1124. Several sources (e.g., Red Hat entry, CVE lists, PT-Securit...
PT-2025-32968 · Dinstar · Instar 2K+ +1
Name of the Vulnerable Software and Affected Versions: INSTAR 2K+ and 4K version 3.11.1 Build 1124 Description: A buffer overflow issue exists in the fcgi server component due to the manipulation of the Authorization argument within the base64 decode function. This allows for remote exploitation ...
INSTAR 2K+ and INSTAR 4K security vulnerability
INSTAR 2K+ and INSTAR 4K are both webcams from the German company INSTAR. A security vulnerability exists in INSTAR 2K+ and INSTAR 4K version 3.11.1 Build 1124, which originates from a buffer overflow due to manipulation of the Authorization parameter by the base64decode function of the fcgiserve...
BIT-LIBPHP-2021-21703 PHP-FPM memory access in root process leading to privilege escalation
In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the...
The vulnerability of the PHP-FPM (FastCGI Process Manager) processor in the Nighthawk WiFi 6 Router software allows a hacker to bypass security restrictions, execute arbitrary code, and gain full control over the system.
The vulnerability of the PHP-FPM FastCGI Process Manager processor in Nighthawk WiFi 6 Router RAX30 involves unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to bypass security restrictions, execute arbitrary code, or gain full control over the system...
CVE-2025-XXXX
CVE-2025-XXXX: CloudPanel FastCGI PHP-FPM Privilege Escalation...
RLSA-2025:8696 Important: perl-FCGI:0.78 security update
The perl-FCGI package provides a Perl module for writing FastCGI applications. FastCGI is a more efficient alternative to traditional CGI, as it keeps application processes persistent across multiple requests. This module allows Perl web applications to handle requests faster and with lower...
perl-FCGI:0.78 security update
An update is available for perl-FCGI, module.perl-FCGI. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The perl-FCGI package provides a Perl module for writing...
Gopherus
This tool is called Gopherus and it generates gopher links for exploiting Server-Side Request Forgery (SSRF) and gaining Remote Code Execution (RCE) in various servers. The tool can be used to exploit vulnerabilities in MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP servers. The tool...
SUSE: Security Advisory (SUSE-SU-2025:02369-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2025:02372-1)
The remote host is missing an update for the...
openSUSE Security Advisory (SUSE-SU-2025:02372-1)
The remote host is missing an update for the...
SUSE SLES12 Security Update : FastCGI (SUSE-SU-2025:02369-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:02369-1 advisory. - CVE-2025-23016: Fixed integer overflow in FastCGI fcgi2 library bsc1243325 Tenable has extracted the preceding description block directly from the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : FastCGI (SUSE-SU-2025:02372-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02372-1 advisory. - CVE-2025-23016: Fixed integer overflow in FastCGI fcgi2 library bsc1243325 Tenable has extracted the...
Security update for FastCGI
This update for FastCGI fixes the following issues: CVE-2025-23016: Fixed integer overflow in FastCGI fcgi2 library bsc1243325 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
SUSE-SU-2025:02372-1 Security update for FastCGI
This update for FastCGI fixes the following issues: - CVE-2025-23016: Fixed integer overflow in FastCGI fcgi2 library bsc1243325...
Security update for FastCGI
This update for FastCGI fixes the following issues: CVE-2025-23016: Fixed integer overflow in FastCGI fcgi2 library bsc1243325 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
SUSE-SU-2025:02369-1 Security update for FastCGI
This update for FastCGI fixes the following issues: - CVE-2025-23016: Fixed integer overflow in FastCGI fcgi2 library bsc1243325...
FastCGI-2.4.6-1.1 on GA media (moderate)
FastCGI-2.4.6-1.1 on GA media Announcement ID: openSUSE-SU-2025:15348-1 Rating: moderate Cross-References: CVE-2025-23016 CVSS scores: CVE-2025-23016 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be...
OPENSUSE-SU-2025:15348-1 FastCGI-2.4.6-1.1 on GA media
These are all security issues fixed in the FastCGI-2.4.6-1.1 package on the GA media of openSUSE Tumbleweed...