12 matches found
CVE-2025-15472
TRENDnet TEW-811DRU firmware 1.0.2.0 is affected by an OS command injection in httpd/uapply.cgi setDeviceURL. Manipulation of the DeviceURL argument enables remote command execution with high impact. Exploit is published; vendor did not respond to disclosure. There is no publicly documented fix/u...
EUVD-2020-18342
Malware in sbrugna...
EUVD-2025-13653
Malicious code in bioql PyPI...
CVE-2025-3891
A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...
httpd: Security issues via backend applications whose response headers are malicious or exploitable
A flaw was found in httpd. Backend applications whose response headers are malicious or exploitable may allow information disclosure, server-side request forgery SSRF or local script execution...
CVE-2022-43635
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP por...
CVE-2022-27642
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect...
httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...
httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...
httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...
httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...
CVE-2020-17409
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. Authentication is not required to exploit this vulnerability. The specific flaw exists...