EUVD-2020-21401

Malware in sbrugna...

EUVD-2020-20219

Malware in sbrugna...

CVE-2020-29019

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...

(Pwn2Own) Lexmark CX331adwe httpd extract-trace Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Lexmark CX331adwe printers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the httpd...

K25691186: BIG-IP Configuration utility vulnerability CVE-2020-27715

Security Advisory Description Crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon. CVE-2020-27715 Impact Unable to access the affected BIG-IP system's Configuration utility. Security Advisory Status F5 Product Development has...

PT-2022-5722 · NetGear · Netgear R7000P

Name of the Vulnerable Software and Affected Versions: Netgear R7000P version 1.3.1.64 Description: The issue is related to buffer overflow errors in the httpd daemon of the NETGEAR R7000P router's embedded software. These errors occur through the starthour, startminute, endhour, and endminute...

PT-2022-5721 · NetGear · Netgear R7000P

Name of the Vulnerable Software and Affected Versions: Netgear R7000P version 1.3.0.8 Description: The issue is related to a buffer overflow error in the httpd daemon of the NETGEAR R7000P router's software, specifically through the enable band steering parameter. This could allow a remote attack...

CVE-2022-30024

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

Buffer overflow

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

CVE-2022-30024

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

CVE-2022-30024

CVE-2022-30024 is a buffer overflow in the TP-Link TL-WR841N series httpd daemon (firmware version 3.16.9 and earlier) that allows an authenticated remote attacker to execute arbitrary code by sending a GET request to the System Tools page. Affected devices include TL-WR841N V12 (EU/other regiona...

PT-2022-3664 · Tp Link · Tp-Link Tl-Wr841N

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N versions 3.16.9 and earlier Description: A buffer overflow in the httpd daemon allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This...

CVE-2019-17656

A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is...

CVE-2019-17656

A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is...

CVE-2020-29019

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...

CVE-2020-29019

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...

FortiWeb is vulnerable to a buffer overflow

A stack-based buffer overflow vulnerability in FortiWeb may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...

CVE-2020-27715

On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon...

Design/Logic Flaw

On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon...

CVE-2020-27715

On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon...