404 matches found
TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability
TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens on TCP port 80 by default, leading to the disclose of stored credentials. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue produc...
EUVD-2025-23927
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike othe...
CVE-2025-34152
The CVE-2025-34152 entry concerns the Shenzhen Aitemi M300 Wi‑Fi Repeater (MT02). The vulnerability is an unauthenticated OS command injection exposed via the time parameter of the /protocol.csp? endpoint. Reported impact is remote code execution with root privileges without requiring authenticat...
CVE-2025-2813
An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80...
CVE-2025-2813
An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80...
CVE-2025-2813
Technical details about CVE-2025-2813 are not publicly available in the provided documents; no affected products, versions, root cause, or remediation are specified here. Monitor for updates.
CVE-2025-2813 HTTP Service DoS Vulnerability
An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80...
CVE-2025-2813 HTTP Service DoS Vulnerability
An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80...
PT-2025-31499 · Unknown · Http Service
Name of the Vulnerable Software and Affected Versions: versions affected versions not specified Description: An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80. Recommendations: At the moment, there is no informati...
Pentest-and-Development-Tips
Pentest-and-Development-Tips A collection of pentest and development tips Author: 3gstudent Click on me to view the English version 声明 以下技巧不应用于非法用途 --- Tips 1. 手动端口探测 nmap的-sV可以探测出服务版本,但有些情况下必须手动探测去验证 使用Wireshark获取响应包未免大材小用,可通过nc简单判断 eg. 对于8001端口,nc连接上去,随便输入一个字符串,得到了以下结果: $ nc -vv localhost 8001...
CVE-2024-51977
An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...
CVE-2024-51979
An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631. The malformed request will contain an empty Origin header value and a malformed Referer...
CVE-2024-51977
An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...
CVE-2024-51979
CVE-2024-51979 describes a stack-based buffer overflow triggered by authenticated requests to HTTP/HTTPS/IPP services (ports 80/443/631) on multiple multifunction printer platforms. The exploit is via malformed Origin and Referer headers, with the Referer host value exceeding 64 bytes. Connected ...
CVE-2024-51979 Authenticated stack based buffer overflow affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, and Konica Minolta, Inc.
An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631. The malformed request will contain an empty Origin header value and a malformed Referer...
EUVD-2024-54705
An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...
PT-2025-26812 · Hewlett Packard · Hp Ipp
Name of the Vulnerable Software and Affected Versions: HP IPP versions affected versions not specified Description: An authenticated attacker can trigger a stack-based buffer overflow by sending a malformed request to the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP servic...
CVE-2025-52574 SysmonElixir path traversal in /read endpoint allows arbitrary file read
SysmonElixir is a system monitor HTTP service in Elixir. Prior to version 1.0.1, the /read endpoint reads any file from the server's /etc/passwd by default. In v1.0.1, a whitelist was added that limits reading to only files under priv/data. This issue has been patched in version 1.0.1...
CVE-2025-34036 Shenzhen TVT CCTV-DVR Command Injection
An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When th...
CVE-2025-34036
The CVE-2025-34036 issue affects white-labeled TVT DVRs’ Cross Web Server, a custom HTTP service listening on TCP ports 81/82. The web UI fails to sanitize the [lang] parameter in the /language/[lang]/index.html path, allowing unsafely used input in a tar extraction command to enable OS command i...