5 matches found
CVE-2026-45558 Roxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section save
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints POST /api/service/haproxy//section/ and the PUT / global / defaults variants accept a JSON option field that is not validated, not escaped, and ...
EUVD-2017-18247
Malware in sbrugna...
CVE-2017-9312
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately...
Design/Logic Flaw
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately...
CVE-2017-9312
CVE-2017-9312 affects Rockwell Automation Allen-Bradley CompactLogix/Compact GuardLogix with the L30ERMS family (versions up to 30.014). Root cause: improperly implemented option-field processing in the TCP/IP stack that can be triggered by a crafted TCP packet, leading to a denial-of-service con...