CVE-2024-49747

In gattsprocessreadbytypereq of gattsr.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0528 Tenda AC8/AC10/AC18 HTTP Request telnet command injection

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched...

CVE-2025-0528 Tenda AC8/AC10/AC18 HTTP Request telnet command injection

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched...

CVE-2025-0481

A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been...

PT-2025-1265 · D Link · D-Link Dir-878

Name of the Vulnerable Software and Affected Versions: D-Link DIR-878 version 1.03 Description: A vulnerability has been found in the D-Link DIR-878, affecting an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. This issue leads to information disclosure and can...

PT-2026-3433

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A security flaw exists in Totolink LR350. The issue is due to command injection within the setTracerouteCfg function of the /cgi-bin/cstecgi.cgi file, specifically in the POST Request...

CVE-2025-0331

A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to weak password...

CVE-2025-0328

A vulnerability, which was classified as critical, has been found in KaiYuanTong ECT Platform up to 2.0.0. Affected by this issue is some unknown functionality of the file /public/server/runCode.php of the component HTTP POST Request Handler. The manipulation of the argument code leads to command...

PT-2025-1260 · Tenda · Tenda Ac10 +2

Name of the Vulnerable Software and Affected Versions: Tenda AC8 versions 16.03.10.20 Tenda AC10 versions 16.03.10.20 Tenda AC18 versions 16.03.10.20 Description: A critical issue has been found in the HTTP Request Handler component of the affected devices, specifically in the /goform/telnet file...

CVE-2024-12989

A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The vendor was...

CVE-2024-12989

CVE-2024-12989 concerns WISI Tangram GT31. The vulnerability affects an unknown function within the device’s HTTP Request Handler, enabling server-side request forgery (SSRF). Reports across multiple sources (Red Hat, PT-Security, CNNVD, NVD/CVELIST) indicate the issue can be exploited remotely a...

CVE-2024-12989 WISI Tangram GT31 HTTP Request server-side request forgery

A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The vendor was...

CVE-2024-12989 WISI Tangram GT31 HTTP Request server-side request forgery

A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The vendor was...

WISI Tangram GT31 代码问题漏洞

WISI Tangram GT31 is a module for a high-density digital platform from WISI. A code issue vulnerability exists in WISI Tangram GT31 20241214 and prior versions that stems from a component HTTP request handler that can lead to server-side request forgery...

The vulnerability of the Webmin CGI request handler allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the Webmin CGI request handler relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges remotely...

PT-2024-17851 · Wisi · Wisi Tangram Gt31

Name of the Vulnerable Software and Affected Versions: WISI Tangram GT31 versions up to 20241214 Description: A server-side request forgery issue affects an unknown functionality of the component HTTP Request Handler. This issue can be exploited remotely. The vendor was contacted about this...

The vulnerability of the PUT Request Handler component in the Apache Traffic Control system, a component used in building CDN networks, allows attackers to execute arbitrary code.

The vulnerability of the PUT Request Handler component in the Apache Traffic Control system for building CDN networks is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing...

CVE-2024-29671

Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to execute arbitrary code via the POST request handler component...

NEXTU FLATA AX1500 安全漏洞

The NEXTU FLATA AX1500 is a wireless router from NEXTU. A security vulnerability exists in the NEXTU FLATA AX1500 version v.1.0.2, which stems from the presence of a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code via the POST request handler component...

TP-LINK VN020 Buffer Overflow Vulnerability

The TP-LINK VN020 is a wireless modem from China P&L TP-LINK. A security vulnerability exists in TP-Link VN020 F3vT TTV6.2.1021 version, which originates from a buffer overflow in the parameter NewConnectionType in the component SOAP request handler. An attacker can exploit this vulnerability to...