PT-2025-18050 · Tenda · Tenda I24 +1

Name of the Vulnerable Software and Affected Versions: Tenda W12 and i24 versions 3.0.0.42887 through 3.0.0.53644 Description: A critical vulnerability was found in the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to...

Linux Distros Unpatched Vulnerability : CVE-2018-11803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Subversion's moddavsvn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the...

RLSA-2024:8680 Low: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: modhttp2: DoS by null pointer in websocket over HTTP/2 CVE-2024-36387 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

CLSA-2024-1724706840 httpd: Fix of 8 CVEs

CVE-2024-38474: modrewrite: server weakness with encoded question marks in backreferences - CVE-2024-38475: modrewrite: server weakness in modrewrite when first segment of substitution matches filesystem path - CVE-2024-38477: modproxy: crash resulting in Denial of Service in modproxy via a...

[SECURITY] Fedora 39 Update: mod_http2-2.0.25-1.fc39

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

PT-2023-4035 · Asus · Asus Rt-Ac86U +1

Name of the Vulnerable Software and Affected Versions: ASUS RT-AX56U V2 version 3.0.0.4.386 50460 ASUS RT-AC86U version 3.0.0.4 386 51529 Description: A format string vulnerability is identified in the ASUS RT-AX56U V2 and RT-AC86U routers. This issue is caused by directly using input as a format...

CLSA-2022-1656958887 Fixed CVE-2022-31813 in httpd-43.module_el8.5.0+2067+6f259f31.tuxcare.els7

ELS-190: Fix undefined reference to PROXYSHOULDPING100CONTINUE in approxycreatehdrbrgd that occured in httpd-2.4.37-CVE-2022-31813.patch...

CLSA-2022-1656429967 Fixed CVEs in httpd-39.module_el8.4.0+2061+54659116.1.tuxcare.centos8.4-els: CVE-2022-28615, CVE-2022-31813, CVE-2022-30556, CVE-2022-26377, CVE-2022-30522

CVE-2022-30522: modsed: limit memory usage - CVE-2022-26377: modproxyajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in apstrcmpmatch - CVE-2022-30556: modlua: fix r:wsread to not return length that point past the end of the storage allocated for the buffer -...

CLSA-2022-1654106630 Fixed CVEs in httpd-43.module_el8.5.0+2046+6f259f31.tuxcare.els4: CVE-2021-33193, CVE-2020-35452

CVE-2020-35452: modauthdigest: fix a single zero byte stack overflow 1968278 - CVE-2021-33193: fix request splitting via HTTP/2 method injection and modproxy 1972491...

CLSA-2022-1654106434 Fixed CVEs in httpd-39.module_el8.4.0+2047+54659116.1.tuxcare.els5: CVE-2020-35452, CVE-2021-33193

CVE-2020-35452: modauthdigest: fix a single zero byte stack overflow 1968278 - CVE-2021-33193: fix request splitting via HTTP/2 method injection and modproxy 1972491...

CVE-2022-30474

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request...

CVE-2022-30477

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...

CVE-2022-30476

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request...

CVE-2022-30475

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request...

Design/Logic Flaw

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request...

Stack overflow

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request...

Stack overflow

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request...

Stack overflow

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...

CVE-2022-30477

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...

CVE-2022-30476

The CVE-2022-30476 entry concerns the Tenda AC Series Router AC18_V15.03.05.19(6318), with a stack-based buffer overflow in the httpd module when processing /goform/SetFirewallCfg. The issue affects the httpd handling of that request, with CVSSv3.1 base score 9.8 (CRITICAL) and network attack vec...