EUVD-2006-3373

Malware in sbrugna...

PT-2024-8266 · NetGear · Netgear Xr300

Name of the Vulnerable Software and Affected Versions: Netgear XR300 version 1.0.3.78 Description: The issue is related to a buffer overflow in the bridge wireless main.cgi script of Netgear XR300 routers, specifically when handling the ssid parameter. This can be exploited by sending a specially...

CVE-2023-39278

SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash...

CVE-2023-39278

SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash...

Stack overflow

SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash...

CVE-2023-39278

SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash...

CVE-2023-39278

SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash...

CVE-2023-39278

CVE-2023-39278 is a SonicOS vulnerability in which a post-authentication user assertion failure in main.cgi leads to a Stack-Based Buffer Overflow and a firewall crash. The connected sources corroborate that SonicOS Management Web Interface and SSLVPN portal are affected by multiple related post-...

SonicWALL SonicOS Buffer Error Vulnerability

SonicWALL SonicOS is an operating system from SonicWALL, Inc. designed for SonicWall firewall appliances. A security vulnerability exists in SonicWALL SonicOS that stems from a user assertion failure and a stack-based buffer overflow vulnerability in main.cgi that causes the firewall to crash...

CVE-2021-40680

There is a Directory Traversal vulnerability in Artica Proxy 4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273 via the filename parameter to /cgi-bin/main.cgi...

CVE-2021-40680

There is a Directory Traversal vulnerability in Artica Proxy 4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273 via the filename parameter to /cgi-bin/main.cgi...

CVE-2021-45418

Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected products include: Nova 360 Cabinet =1.3.0.0.6 - Fixed: 1.3.0.0.9 and Titan 180 Premium =1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0...

CVE-2021-45418

Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected products include: Nova 360 Cabinet =1.3.0.0.6 - Fixed: 1.3.0.0.9 and Titan 180 Premium =1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0...

CVE-2021-45418

CVE-2021-45418 affects Star Charge products: Nova 360 Cabinet and Titan 180 Premium. The issue is a directory traversal vulnerability via the web interface component, main.cgi. Affected versions and fixes are documented as: Nova 360 Cabinet <= 1.3.0.0.6 with fix back to 1.3.0.0.9, and Titan 18...

Star Charge Nova 360 Cabinet和Titan 180 Premium 路径遍历漏洞

Star Charge Nova 360 Cabinet and Titan 180 Premium are both products of Star Charge, a Chinese company.Nova 360 Cabinet is a charger cabinet.Titan 180 Premium is a commercial high power charging station. A path traversal vulnerability exists in the Star Charge Nova 360 Cabinet and Titan 180...

CVE-2014-9184

CVE-2014-9184 affects ZTE ZXDSL 831CII. The vulnerability allows remote attackers to bypass authentication by directly requesting CGI files (main.cgi, adminpasswd.cgi, userpasswd.cgi, upload.cgi, conprocess.cgi, connect.cgi). Evidence across sources confirms this authentication bypass issue with ...

Linksys Web Camera Software 2.10 Next_file Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10533/info It is reported that Linksys Web Camera software is prone to a cross-site scripting vulnerability that may allow a remote attacker to steal cookie-based authentication credentials or carry out other attacks. The...

Technote 2000/2001 'filename' Parameter Command Execution And File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2156/info Technote Inc. offers a multi-communication Package that includes a web board type of service. A script that ships with Technote, 'main.cgi', accepts a parameter called 'filename'. This remotely supplied variable...

Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability

!-- Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability when viewing the device web interface it asks to install an ActiveX control with the following settings: ProductName: PlayerPT ActiveX Control Module File...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the nextfile parameter to 1 main.cgi, 2 img/main.cgi, or 3 adm/file.cgi; or 4 the thisfile...