14 matches found
Zyxel P-6101C Authorization Issue Vulnerability
The Zyxel P-6101C is a wireless router from China's Hopkins Zyxel. The Zyxel P-6101C suffers from an authorization issue vulnerability that stems from improper authentication. An attacker can exploit the vulnerability to read certain device information via a specially crafted HTTP HEAD method...
Zyxel P-6101C 授权问题漏洞
The Zyxel P-6101C is a wireless router from China's Hopkins Zyxel. The Zyxel P-6101C suffers from an authorization issue vulnerability that stems from improper authentication. An attacker can exploit the vulnerability to read certain device information via a specially crafted HTTP HEAD method...
ZTE-H108NS Router - Authentication Bypass Vulnerability
Exploit Title: Router ZTE-H108NS - Authentication Bypass Exploit Author: George Tsimpidas Vendor: https://www.zte.com.cn/global/ Firmware: H108NSV1.0.7uZRDGR2A68 CVE: N/A Tested on: Debian 5.18.5 Description : When specific http methods are listed within a security constraint, then only those...
CVE-2022-45956
Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism...
CVE-2022-45956
Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism...
PT-2022-27698 · Unknown · Boa Web Server
Name of the Vulnerable Software and Affected Versions: Boa Web Server versions 0.94.13 through 0.94.14 Description: The issue allows bypassing of the Basic Authorization mechanism due to a failure in validating the correct security constraint on the HEAD HTTP method. Recommendations: For Boa Web...
Boa 安全漏洞
Boa is an open source code for embedded applications from Boa Open Source. A security vulnerability exists in Boa Web Server versions 0.94.13 through 0.94.14 that stems from an inability to validate the correct security constraints on the HEAD HTTP method, allowing anyone to bypass the basic...
ZTE ZXHN-H108NS Authentication Bypass Vulnerability
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7uZRDGR2A68 suffers from an authentication bypass vulnerability when alternate HTTP methods are leveraged. Exploit Title: Router ZTE-H108NS - Authentication Bypass Exploit Author: George Tsimpidas Vendor: https://www.zte.com.cn/global/...
Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass
Exploit Title: Boa Web Server 0.94.13-0.94.14 Authentication Bypass Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://github.com/gpg/boa CVE: N/A Tested on: Debian 5.18.5 Description : Boa Web Server Versions from 0.94.13 - 0.94.14 fail to validate the correct security constraint ...
MiniShare 1.4.1 HEAD / POST Buffer Overflow
Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...
HTTP 'HEAD' Method Detection
Binary data 8315.prm...
UBUNTU-CVE-2014-5252
The V3 API in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issuedat value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification 1 GET or 2 HEAD request to v3/auth/tokens/...
IBM WebSphere Application Server < 7.0.0.7 Multiple Vulnerabilities
Binary data 5235.prm...
IBM WebSphere Application Server 7.0 < Fix Pack 7
IBM WebSphere Application Server 7.0 before Fix Pack 7 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - A cross-site request forgery vulnerability exists due to insufficient validation of user-supplied input by the administrative console...