CVE-2018-1283

In Apache httpd 2.4.0 to 2.4.29, when modsession is configured to forward its session data to CGI applications SessionEnv on, not the default, a remote user may influence their content by using a "Session" header. This comes from the "HTTPSESSION" variable name used by modsession to forward its...

CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

CVE-2017-15710

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

UBUNTU-CVE-2017-15710

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

PT-2018-1820 · Apache +5 · Apache Httpd +6

Name of the Vulnerable Software and Affected Versions: Apache httpd versions 2.2.0 through 2.4.29 Description: The issue is related to the generation of an HTTP Digest authentication challenge, where the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/php-5.6.34-i586-1slack14.2.txz: Upgraded. This update fixes a stack buffer overflow vulnerability. For more information, se...

CVE-2018-7561

Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14EN allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2018-7561

Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14EN allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2018-6941

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...

Design/Logic Flaw

A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF...

Cross site request forgery (csrf)

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...

CVE-2018-6940

A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF...

CVE-2018-6940

A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF...

CVE-2018-6941

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...

CVE-2018-6940

A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF...

CVE-2018-6941

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...

CVE-2018-6941

CVE-2018-6941 describes a CSRF vulnerability in NAT32 v2.2 Build 22284 HTTPD that can enable Remote Code Execution when an authenticated NAT32 user visits a malicious link or page. Public writeups/PoCs (e.g., Exploit-DB, PacketStorm) illustrate a payload like /shell?cmd= and document that no chec...

CVE-2018-6940

CVE-2018-6940 describes a Remote Command Execution risk in NAT32 v2.2 Build 22284 through the HTTPD interface. The vulnerability stems from a /shell?cmd= endpoint exposed on NAT32’s web UI ( port 8080 ) that could allow attackers to execute commands, potentially via CSRF as indicated by multiple ...

NAT32 Build 22284 Remote Command Execution / CSRF

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32r is a...

NAT32 2.2 Build 22284 - Cross-Site Request Forgery Vulnerability

Exploit for windows platform in category web applications + Credits: hyp3rlinx Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32® is a versatile IP Router implemented as a WIN32 application. Vulnerability Type: =================== Remote Command Execution CSRF CVE...