3 matches found
CVE-2024-39847
Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services...
EUVD-2024-55563
Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobsterpro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services...
Check Point Response to CVE-2020-28041 - NAT Slipstreaming
Cause The attack involves several vectors - Local IP disclosure, max MTU UDP and TCP calculation and leveraging a SIP parser weakness in fragmented HTTP packets which enables to "Slipstream" a legitimate SIP connection in an HTTP POST request generated by the victim's browser. The full descriptio...