2225 matches found
TFTP Fetch, Linux dup2 Command Shell, Reverse TCP Stager
Fetch and execute an RISC-V 64-bit payload from a TFTP server. dup2 socket in s1, then execve. Connect back to the attacker Module Options msf use payload/cmd/linux/tftp/riscv64le/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf...
OESA-2026-2705 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...
OESA-2026-2704 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...
CVE-2020-37250 TFTP Broadband 4.3.0.1465 Unquoted Service Path Privilege Escalation
TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during servi...
CVE-2020-37250
CVE-2020-37250 affects TFTP Broadband 4.3.0.1465 where the unquoted service path in the tftpt.exe service binary enables local privilege escalation to LocalSystem by placing a malicious executable in the Program Files path that is executed at service startup or system reboot. The vulnerability is...
curl: TFTP upload ignores --continue-at / CURLOPT_RESUME_FROM and leaks skipped local file prefix
Summary TFTP uploads ignore the configured resume offset. When a caller runs curl -C N -T file tftp://... or uses libcurl with CURLOPTUPLOAD and CURLOPTRESUMEFROM, curl should skip the first N bytes of the local source before uploading. Instead, the TFTP code sends the complete local file from by...
Astra Linux – Vulnerability in libssh
In libssh 0.9.4, there is a NULL pointer dereferencing in tftpserver.c if sshbuffernew returns NULL...
Astra Linux – Vulnerability in libslirp
An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the tftpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘tftpt’ structure. This issue may lead to out-of-bounds read access or...
Security update for erlang26
This update for erlang26 fixes the following issues Security issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681...
[SECURITY] [DLA 4590-1] erlang security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4590-1 [email protected] https://www.debian.org/lts/security/ Lucas Kanashiro May 18, 2026 https://wiki.debian.org/LTS -...
Security Bulletin: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp
Summary Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...
SUSE SLES15 Security Update : erlang (SUSE-SU-2026:1714-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1714-1 advisory. - CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. - CVE-2026-23941: HTTP Request Smuggling...
CLSA-2026-1778223262 curl: Fix of 3 CVEs
CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...
curl: Fix of 3 CVEs
CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...
Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability
Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...
Security update for erlang
This update for erlang fixes the following issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. CVE-2026-23943: denia...
SUSE-SU-2026:1714-1 Security update for erlang
This update for erlang fixes the following issues: - CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. - CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. - CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. - CVE-2026-2394...
CLSA-2026-1777877363 curl: Fix of 2 CVEs
CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...
curl: Fix of 2 CVEs
CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...
CLSA-2026-1777878036 curl: Fix of 2 CVEs
CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...