The vulnerability of the Incomplete SOAP Request Handler component in TP-Link VN020 F3v(T) software, a wireless router, allows a malicious actor to trigger a service failure.

The vulnerability of the Incomplete SOAP Request Handler component in the TP-Link VN020 F3vT wireless router software relates to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failure remotely...

CVE-2024-12343

A vulnerability classified as critical has been found in TP-Link VN020 F3vT TTV6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be...

CVE-2024-12343

TP-Link VN020 F3v(T) TT_V6.2.1021 is affected, specifically the SOAP Request Handler’s /control/WANIPConnection component where manipulating the NewConnectionType argument triggers a buffer overflow. This vulnerability requires local-network access and has public exploitation information, with po...

CVE-2024-12342

A vulnerability was found in TP-Link VN020 F3vT TTV6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiat...

CVE-2024-12342

TP-Link VN020 F3v(T) TT_V6.2.1021 has a high-severity vulnerability in the Incomplete SOAP Request Handler for the WANIPConnection UPnP service. The issue enables denial of service via malformed SOAP requests, exploitable from the local network. Public PoCs and exploit details exist (e.g., Exploi...

PT-2024-9331 · Tp Link · Tp-Link Vn020 F3V

Name of the Vulnerable Software and Affected Versions: TP-Link VN020 F3vT version TT V6.2.1021 Description: A critical vulnerability has been found in the TP-Link VN020 F3vT router. The issue is related to the SOAP Request Handler component, specifically an unknown function of the file...

PT-2024-9297 · Tp Link · Tp-Link Vn020 F3V

Name of the Vulnerable Software and Affected Versions: TP-Link VN020 F3vT version TT V6.2.1021 Description: A critical issue affects the Incomplete SOAP Request Handler component, specifically the processing of the file /control/WANIPConnection. This can lead to denial of service when exploited...

CVE-2024-12183

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7.116. This affects the function RemoveXSS of the file /plus/carbuyaction.php of the component HTTP POST Request Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Th...

CVE-2024-11860

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=deletetenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization...

CVE-2024-11860

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=deletetenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization...

CVE-2024-11860

CVE-2024-11860 affects SourceCodester Best House Rental Management System 1.0. The vulnerability exists in the POST Request Handler, specifically the file path /rental/ajax.php?action=delete_tenant, where manipulation of the argument id leads to improper authorization. This can be exploited remot...

CVE-2024-11618

A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack can be launched remotely. The explo...

CVE-2024-11618 IPC Unigy Management System HTTP Request server-side request forgery

A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack can be launched remotely. The explo...

PT-2024-17139 · Ipc · Ipc Unigy Management System

Name of the Vulnerable Software and Affected Versions: IPC Unigy Management System version 04.03.00.08.0027 Description: A critical issue was found in the HTTP Request Handler component, which can lead to server-side request forgery. This issue can be exploited remotely. The exploit has been...

The vulnerability of the /xml/info.xml file of the HTTP GET Request Handler component in D-Link routers such as DNS-320, DNS-320LW, DNS-325, and DNS-340L microprogrammed software systems allows a hacker to disclose confidential information.

The vulnerability of the /xml/info.xml file of the HTTP GET Request Handler component in D-Link DNS-320, DNS-320LW, DNS-325, and DNS-340L microprogrammed software routers is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to disclose...

CVE-2024-10916

CVE-2024-10916 affects D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. The issue resides in the HTTP GET Request Handler’s /xml/info.xml, where an improper handling allows remote information disclosure. Public exploit information exists, enabling remote initiation without user int...

PT-2024-38738 · WordPress · The Fileorganizer

Name of the Vulnerable Software and Affected Versions: The FileOrganizer – Manage WordPress and Website Files plugin for WordPress versions up to, and including, 1.0.9 Description: The issue is related to arbitrary file uploads due to missing file type validation in the fileorganizer ajax handler...

CVE-2024-10351 Tenda RX9 Pro POST Request setMacFilterCfg sub_424CE0 stack-based overflow

A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack...

CVE-2024-10351

The CVE-2024-10351 vulnerability affects Tenda RX9 Pro (version 22.03.02.20) in the POST handler function /goform/setMacFilterCfg, sub_424CE0. Manipulating the deviceList argument leads to a stack-based buffer overflow, allowing remote exploitation and potentially arbitrary code execution. Public...

CVE-2024-10351 Tenda RX9 Pro POST Request setMacFilterCfg sub_424CE0 stack-based overflow

A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack...