Command injection

An OS command injection vulnerability exists in the httpd wlscanASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2022-26782

Multiple improper input validation vulnerabilities exists in the libnvram.so nvramimport functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input...

CVE-2022-26781

Summary: CVE-2022-26781 affects InHand Networks InRouter302 v3.5.4. Multiple input-validation flaws in the libnvram.so nvram_import function and in httpd components (user_define_print, user_define_init, user_define_set_item) allow crafted input to trigger remote code execution. The root cause is ...

CVE-2022-26781

Multiple improper input validation vulnerabilities exists in the libnvram.so nvramimport functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input...

CVE-2022-26780

InHand Networks InRouter302 (V3.5.4) contains multiple input-validation flaws in the web server and libnvram (nvram_import) that can be triggered via specially crafted files or by manipulating the user_define_timeout nvram value. Citations describe stack-based buffer overflows in httpd functions ...

CVE-2022-26085

An OS command injection vulnerability exists in the httpd wlscanASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2022-26085

InRouter302 (InHand Networks) V3.5.4 contains an OS command injection in the httpd wlscan_ASP function. TALOS-2022-1473 documents that an authenticated HTTP request can trigger arbitrary command execution via the wlscan_ASP path, using nvram-derived values and popen to execute system commands. CV...

CVE-2022-24910

InRouter302 (InHand Networks) V3.5.4 contains a buffer overflow in the httpd parse_ping_result API. TALOS-2022-1471 shows that if an attacker manipulates /tmp/ping_result.txt (via the apply.cgi PING_Test path on port 4444), the code path reads long lines and uses sscanf into small buffers, enabli...

subversion: Subversion's mod_dav_svn is vulnerable to memory corruption

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

subversion: Subversion's mod_dav_svn is vulnerable to memory corruption

A use-after-free vulnerability was found in Subversion in the moddavsvn Apache HTTP server HTTPd module. While looking up path-based authorization authz rules, multiple calls to the postconfig hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue...

AlmaLinux 8 : httpd:2.4 (ALSA-2022:1915)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1915 advisory. httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: modproxyuwsgi: out-of-bounds read via a crafted request uri-path...

RHEL 8 : httpd:2.4 (RHSA-2022:1915)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1915 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Request splittin...

httpd: possible NULL dereference or SSRF in forward proxy configurations

There's a null pointer dereference and server-side request forgery flaw in httpd's modproxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix...

httpd: Single zero byte stack overflow in mod_auth_digest

A flaw was found in Apache httpd. The modauthdigest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

ALSA-2022:1915 Moderate: httpd:2.4 security and bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: modproxyuwsgi: out-of-bounds read via a crafted request uri-path CVE-2021-36160 httpd:...

RLSA-2022:1915 Moderate: httpd:2.4 security and bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 httpd: modproxyuwsgi: out-of-bounds read via a crafted request uri-path CVE-2021-36160 httpd:...

httpd:2.4 security and bug fix update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

InHand Networks InRouter302 httpd upload.cgi file write vulnerability

Summary A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability. Tested Versions InHand Networks...

CentOS 8 : httpd:2.4 (CESA-2022:1915)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1915 advisory. - httpd: Single zero byte stack overflow in modauthdigest CVE-2020-35452 - httpd: Request splitting via HTTP/2 method injection and modproxy...

NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Vulnerability (NS-SA-2022-0016)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has httpd packages installed that are affected by a vulnerability: - A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server...