Important Photon OS Security Update - PHSA-2021-0365

Updates of 'glib', 'linux', 'linux-esx' packages of Photon OS have been released...

CVE-2020-27866

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

(0Day) D-Link DAP-3662 httpd Authentication Bypass Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-3662 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the httpd web server. A crafted HTTP...

ASUS RT-AX86U Buffer Overflow Vulnerability

ASUS RT-AX86U is a wireless router from ASUS China. ASUS RT-AX86U router firmware is vulnerable to a buffer overflow in the blocking request.cgi function of the httpd module, which could be exploited by an attacker to construct malicious data leading to code execution...

PT-2021-16511 · Belkin · Belkin Linksys Wrt160Nl

Name of the Vulnerable Software and Affected Versions: Belkin Linksys WRT160NL version 1.0.04.002 US 20130619 Description: The administration web interface on Belkin Linksys WRT160NL devices allows remote authenticated attackers to execute system commands with root privileges via shell...

CVE-2020-36109

ASUS RT-AX86U router firmware below version under 9.0.0.4386 has a buffer overflow in the blockingrequest.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data...

CVE-2020-36109

ASUS RT-AX86U router firmware below version under 9.0.0.4386 has a buffer overflow in the blockingrequest.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data...

Buffer overflow

ASUS RT-AX86U router firmware below version under 9.0.0.4386 has a buffer overflow in the blockingrequest.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data...

CVE-2020-36109

CVE-2020-36109 affects ASUS RT-AX86U (and related models) where firmware below 9.0.0.4_386 has a buffer overflow in the httpd module’s blocking_request.cgi function. The vulnerability can lead to code execution when an attacker crafts malicious input; multiple sources describe this as a potential...

CVE-2020-36109

ASUS RT-AX86U router firmware below version under 9.0.0.4386 has a buffer overflow in the blockingrequest.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data...

ASUS RT-AX86U 安全漏洞

ASUS RT-AX86U is a wireless router from ASUS China. ASUS RT-AX86U router firmware is vulnerable to a buffer overflow in the blocking request.cgi function of the httpd module, which could be exploited by an attacker to construct malicious data leading to code execution...

PT-2021-11914 · Asus · Asus Rt-Ax86

Name of the Vulnerable Software and Affected Versions: ASUS RT-AX86U router firmware versions prior to 9.0.0.4 386 Description: The issue is related to a buffer overflow in the blocking request.cgi function of the httpd module. This can cause code execution when an attacker constructs malicious...

CentOS 8 : httpd:2.4 (CESA-2020:3714)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:3714 advisory. - httpd: Push diary crash on specifically crafted HTTP/2 header CVE-2020-9490 Note that Nessus has not tested for this issue but has instead relied only on the...

CentOS 8 : httpd:2.4 (CESA-2020:4751)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4751 advisory. - httpd: modhttp2: DoS via slow, unneeded request bodies CVE-2018-17189 - httpd: modhttp2: read-after-free on a string compare CVE-2019-0196 - httpd:...

CentOS 8 : httpd:2.4 (CESA-2019:3436)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3436 advisory. - httpd: modauthdigest: access control bypass due to race condition CVE-2019-0217 - httpd: URL normalization inconsistency CVE-2019-0220 Note that Ness...

CentOS 8 : httpd:2.4 (CESA-2019:0980)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:0980 advisory. - httpd: privilege escalation from modules scripts CVE-2019-0211 - httpd: modssl: access control bypass when using per-location client certification...

Apache Httpd < 2.4.48 : Improper Handling of Insufficient Privileges

Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows...

Selea Targa IP OCR-ANPR Camera - CSRF Add Admin

Exploit Title: Selea Targa IP OCR-ANPR Camera - CSRF Add Admin Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa...

CVE-2020-29019

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...

CVE-2020-29019

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...