7 matches found
CVE-2025-20136
CVE-2025-20136 affects Cisco Secure Firewall ASA/FTD DNS inspection when NAT44/NAT64/NAT46 is configured. An unauthenticated attacker can trigger an infinite loop by sending crafted DNS packets that match a static NAT rule with DNS inspection enabled, causing the device to reload and resulting in...
CVE-2024-2188
Cross-Site Scripting XSS vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could...
CVE-2024-2188
Cross-Site Scripting XSS vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could...
TP-LINK AX50 跨站脚本漏洞
TP-LINK AX50 is a router device from China P&L TP-LINK. A cross-site scripting vulnerability exists in TP-LINK AX50 version 1.0.11 build 2022052. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to...
PT-2024-2143 · Tp Link · Tp-Link Archer C50
Name of the Vulnerable Software and Affected Versions: TP-Link Archer AX50 version 1.0.11 build 2022052 Description: The issue is related to a Cross-Site Scripting XSS vulnerability that could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious...
python-django-horizon: XSS in federation mappings UI
A cross-site scripting flaw was discovered in the OpenStack dashboard horizon which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard...
mod_jk: Buffer overflow when concatenating virtual host name and URI
It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow...