76 matches found
CVE-2020-13582
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13582
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
Cross site request forgery (csrf)
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2020-13582
Micrium uC-HTTP 3.01.00’s HTTP Server contains a denial-of-service vulnerability due to an unchecked return value in the header-parsing path. Specifically, in the boundary parsing of multipart forms, Str_Char_N may return NULL, and the code proceeds to dereference it, causing a crash (segmentatio...
CVE-2020-13582
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
Vulnerability Spotlight: Denial-of-service vulnerabilities in Micrium uc-HTTP’s HTTP server
Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Micrium uc-HTTP’s HTTP server that could cause denial-of-service conditions. An attacker could trigger these vulnerabilities by targeting the user machine...
Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability
Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...
Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability
Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...
VelotiSmart WiFi B-380 Camera - Directory Traversal
VelotiSmart WiFi B-380 Camera - Directory Traversal Title: Vulnerability in VelotiSmart Wifi - Directory Traversal Date: 12-07-2018 Scope: Directory Traversal Platforms: Unix Author: Miguel Mendez Z Vendor: VelotiSmart Version: B380 CVE: CVE-2018–14064 Vulnerability description...
VelotiSmart WiFi B-380 Camera - Directory Traversal
Title: Vulnerability in VelotiSmart Wifi - Directory Traversal Date: 12-07-2018 Scope: Directory Traversal Platforms: Unix Author: Miguel Mendez Z Vendor: VelotiSmart Version: B380 CVE: CVE-2018–14064 Vulnerability description ------------------------- - The vulnerability that affects the device ...
CVE-2018-14064
The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80...
Directory traversal
The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80...
CVE-2018-14064
The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80...
CVE-2018-14064
VelotiSmart WiFi B-380 cameras are affected by CVE-2018-14064 due to a Directory Traversal (LFI) in the uc-http service 1.0.0, exploitable via /../../etc/passwd on TCP port 80. The Nuclei template and related advisories confirm unauthenticated access can read arbitrary device files and sensitive ...
CVE-2018-14064
The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80...
XiongMai uc-http 1.0.0 Local File Inclusion / Directory Traversal
| \ | \ | | | | | | / \ | | | |/ / | |/ / | | | | | | | | | / / | | | / | / | | | | | | | | | | | | | | | |\ \ \ / / // / | | | /\ | | | | | / / / / / | | | \ | | / | | | / \ | | | | | \ | | | | \ \ / / | | | | | \ --. | | | / / | | | | | |/ / | | | | \ V / | | | . | --. \ | | | | | |...