CVE-2019-25386

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dmzholes.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the SRCIP, DESTIP,...

CVE-2019-25388

The vulnerability CVE-2019-25388 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9, specifically the ipblock.cgi endpoint. It is a reflected cross-site scripting flaw where a crafted POST request can inject script tags through SRC_IP and COMMENT parameters, allowing arbitrary JavaScript exe...

D-Link DIR-816 A2 缓冲区错误漏洞

The D-Link DIR-816 A2 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a stack overflow in the srcip parameter of /goform/form2IPQoSTcAdd...

CVE-2022-31055 Improper Access Control in kctf

kCTF is a Kubernetes-based infrastructure for capture the flag CTF competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark the...

Citrix ADM Ports and URL's That Need To Be Opened for Communication

Additional notes: If using ULFD LogStream: The -logstreamOverNSIP option is available from Citrix ADC 13.0 41.x and 12.1 55.x onwards to alter the SRC IP. Default is SNIP. This is a global setting. set appflow param -logstreamOverNSIP If using IPFix AppFlow: The -IPAddress parameter can be used t...

Minix 3.3.0 - Remote TCPIP Stack Denial of Service

Minix 3.3.0 - Remote TCPIP Stack Denial of Service / ------------------------------------------------------- ||------+ MINIX =--|| ||--= Nov 2014 =--|| ||--= Mexico =--|| -- MINIX IS PRONE TO DENIAL OF SERVICE IN THE TCP/IP STACK /service/inet BY SENDING A SINGLE TCP PACKET WITH A MALFORMED TCP...