CVE-2025-2833

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been classified as problematic. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to inefficient regular expression complexity. It is possible to launch th...

CVE-2025-2833

The CVE-2025-2833 entry concerns zhangyd-c OneBlog (≤2.3.9) where the HTTP Header Handler’s handling of X-Forwarded-For allows an attack via insufficient regular-expression complexity (a ReDoS-like issue). A remote attacker could exploit this vulnerability; exploitation details are present in con...

CVE-2025-2358

A vulnerability was found in Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /Kfxt/Service.asmx of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For lead...

CVE-2025-2358 Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System HTTP Header Service.asmx sql injection

A vulnerability was found in Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /Kfxt/Service.asmx of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For lead...

CVE-2025-2358

CVE-2025-2358 affects Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System 1.0. The vulnerability is an SQL injection in the HTTP Header Handler, triggered by manipulating the X-Forwarded-For argument in requests to /Kfxt/Service.asmx. It is described as remotely exploitable and has...

CVE-2025-1876

A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function httprequestparse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-1876

CVE-2025-1876 affects D-Link DAP-1562 running version 1.10. The issue is a stack-based buffer overflow in the HTTP Header Handler’s http_request_parse function triggered by manipulation of the Authorization argument. The vulnerability can be exploited remotely to potentially execute arbitrary cod...

CVE-2025-1876 D-Link DAP-1562 HTTP Header http_request_parse stack-based overflow

A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function httprequestparse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-1876 D-Link DAP-1562 HTTP Header http_request_parse stack-based overflow

A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function httprequestparse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched...

D-Link DAP-1562 安全漏洞

The D-Link DAP-1562 is a wireless bridge from China's AUO D-Link. A security vulnerability exists in the D-Link DAP-1562 version 1.10, which stems from a stack buffer overflow in the HTTP Header Handler, which could lead to a remote attack. An attacker can exploit the vulnerability to execute...

The vulnerability of the Proxy Header Handler component of the Keycloak identity and access management software allows a hacker to trigger a service failure.

The vulnerability of the Proxy Header Handler component of the Keycloak identity and access management software is related to shortcomings in HTTP request processing. Exploiting this vulnerability could allow a attacker to cause service failures...

CVE-2025-0697

Telstra Smart Modem Gen 2 (up to 20250115) is affected by a vulnerability in the HTTP Header Handler where manipulation of the Content-Disposition argument leads to injection. The issue can be triggered remotely. Affected component/file: HTTP Header Handler; root cause described as Content-Dispos...

PT-2025-4006 · Telstra · Telstra Smart Modem Gen 2

Name of the Vulnerable Software and Affected Versions: Telstra Smart Modem Gen 2 up to 20250115 Description: A problematic issue was found in the HTTP Header Handler component. The manipulation of the Content-Disposition argument leads to injection. This issue can be initiated remotely. The vendo...

NETGEAR R6900P/R7000P Buffer Overflow Vulnerability

The NETGEAR R6900P and R7000P are wireless routers from NETGEAR that provide high-speed Internet connectivity and network management capabilities. The NETGEAR R6900P and R7000P suffer from a buffer overflow vulnerability that stems from the sub16C4C function in the HTTP Header Handler component...

CVE-2024-12988

A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The...

CVE-2024-12988 Netgear R6900P/R7000P HTTP Header sub_16C4C buffer overflow

A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The...

PT-2024-17850 · NetGear · Netgear R6900P +1

Name of the Vulnerable Software and Affected Versions: Netgear R6900P and R7000P version 1.3.3.154 Description: A critical vulnerability has been found in the HTTP Header Handler component, specifically affecting the function sub 16C4C. The manipulation of the Host argument leads to a buffer...

NETGEAR R7000P和NETGEAR R6900P 安全漏洞

The NETGEAR R6900P and R7000P are wireless routers from NETGEAR that provide high-speed Internet connectivity and network management capabilities. The NETGEAR R6900P and R7000P suffer from a buffer overflow vulnerability that stems from the sub16C4C function in the HTTP Header Handler component...

CVE-2024-12147

A vulnerability was found in Netgear R6900 1.0.1.261.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgradecheck.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The...

CVE-2024-12147 Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow

A vulnerability was found in Netgear R6900 1.0.1.261.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgradecheck.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The...