5908 matches found
CVE-2022-43630
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of http requests to the web management portal. When...
CVE-2022-39951
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to execute unauthorized code or commands via specifically crafted HTTP...
CVE-2022-26648
A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...
CVE-2019-3660
Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense ATD prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests...
CVE-2020-29011
Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests...
CVE-2020-6091
An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an...
CVE-2024-12847
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...
CVE-2024-36251
The web interface of the affected devices process some crafted HTTP requests improperly, leading to a device crash. More precisely, a crafted parameter to billcodedefsubsel.html is not processed properly and device-crash happens. As for the details of affected product names, model numbers, and...
CVE-2024-24914
Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available...
CVE-2024-20418
A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul URWB Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating...
CVE-2024-20424
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability ...
CVE-2024-4851
A Server-Side Request Forgery SSRF vulnerability exists in the stangirard/quivr application, version 0.0.204, which allows attackers to access internal networks. The vulnerability is present in the crawl endpoint where the 'url' parameter can be manipulated to send HTTP requests to arbitrary URLs...
CVE-2024-40642
The netty incubator codec.bhttp is a java language binary http parser. In affected versions the BinaryHttpParser class does not properly validate input values thus giving attackers almost complete control over the HTTP requests constructed from the parsed output. Attackers can abuse several issue...
CVE-2024-39793
Multiple external config control vulnerabilities exist in the nas.cgi setnas proftpd functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...
CVE-2024-9643 Four-Faith F3x36 Hidden Debug Credentials
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the credentials can gain administrative access via crafted HTTP requests. This issue appears similar to...
BIT-MLFLOW-2024-1483 Path Traversal Vulnerability in mlflow/mlflow
A path traversal vulnerability exists in mlflow/mlflow version 2.9.2, allowing attackers to access arbitrary files on the server. By crafting a series of HTTP POST requests with specially crafted 'artifactlocation' and 'source' parameters, using a local URI with '' instead of '?', an attacker can...
Ivanti Connect Secure HTTP Scanner
This module will perform authentication scanning against Ivanti Connect Secure Module Options msf use auxiliary/scanner/ivanti/loginscanner msf auxiliaryloginscanner show actions ...actions... msf auxiliaryloginscanner set ACTION msf auxiliaryloginscanner show options ...show and set options... m...
CVE-2025-23001
A Host header injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host header. An attacker can manipulate the Host header in HTTP requests, which may lead to phishing attacks, reset password, or cache poisoning. NOTE: the Supplier's...
CVE-2025-24501
CVE-2025-24501 affects Broadcom Symantec Privileged Access Management (PAM). The provided sources describe an improper input validation that allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request. The impact is log tampering of PAM activity; no evidence o...
K000149537: AsyncHttpClient vulnerability CVE-2024-53990
Security Advisory Description The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When making any HTTP request, the automatically enabled and self-managed CookieStore aka cookie jar will silently replace explicitly...