CVE-2002-2429

webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service daemon crash via an HTTP POST request that contains a negative integer in the Content-Length header...

CVE-2002-2428

webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an HTTP POST request that contains a Content-Length header but no body data...

CVE-2002-2081

cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service disk consumption via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp...

CVE-2005-0886

Cross-site scripting XSS vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request...

CVE-2005-2799

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request...

CVE-2025-4897

A vulnerability was found in Tenda A15 15.13.07.09/15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/multimodalAdd of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely...

CVE-2025-4835

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument...

CVE-2025-4834

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow...

CVE-2025-4999

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument supplicantrndiden leads to...

CVE-2025-4998

A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function EditBasicSSID/EditBasicSSID5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/AspSetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList o...

CVE-2025-5000

CVE-2025-5000 impacts Linksys FGW3000-AH/HK (versions up to 1.0.17.000000). The vulnerability resides in the HTTP POST Request Handler, specifically the /cgi-bin/sysconf.cgi component, in the function control_panel_sw . Manipulating the filename argument in the POST request leads to command injec...

CVE-2025-5000 Linksys FGW3000-AH/FGW3000-HK HTTP POST Request sysconf.cgi control_panel_sw command injection

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function controlpanelsw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command...

CVE-2025-5000 Linksys FGW3000-AH/FGW3000-HK HTTP POST Request sysconf.cgi control_panel_sw command injection

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function controlpanelsw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command...

CVE-2025-4999

CVE-2025-4999 affects Linksys FGW3000-AH/HK (up to v1.0.17.000000). The HTTP POST Request Handler in /cgi-bin/sysconf.cgi contains function sub_4153FC; manipulating the argument supplicant_rnd_id_en triggers a remote command injection. Public exploit details exist; vendor has not responded to dis...

CVE-2025-4998

Summary: CVE-2025-4998 affects H3C Magic R200G (versions up to 100R002). The issue resides in the HTTP POST Request Handler, specifically the /goform/aspForm component, where manipulating the parameter param in functions such as Edit_BasicSSID, Edit_BasicSSID_5G, SetAPWifiorLedInfoById, SetMobile...

CVE-2025-4998 H3C Magic R200G HTTP POST Request aspForm EditWlanMacList denial of service

A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function EditBasicSSID/EditBasicSSID5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/AspSetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList o...

CVE-2025-4998 H3C Magic R200G HTTP POST Request aspForm EditWlanMacList denial of service

A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function EditBasicSSID/EditBasicSSID5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/AspSetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList o...

CVE-2025-4997

A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/EditBasicSSID/EditGuestSSIDFor2P4G/EditBasicSSID5G/SetAPInfoById of the file /goform/aspForm of the componen...

CVE-2025-4997 H3C R2+ProG HTTP POST Request aspForm SetAPInfoById denial of service

A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/EditBasicSSID/EditGuestSSIDFor2P4G/EditBasicSSID5G/SetAPInfoById of the file /goform/aspForm of the componen...

CVE-2025-4997

CVE-2025-4997 affects H3C R2+ProG up to version 200R004. The HTTP POST Request Handler’s /goform/aspForm, specifically UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById, handles the param argument insecurely, lea...