InterNiche NicheStack up to 4.0.1 HTTP Request wbs_loop infinite loop
A vulnerability classified as problematic has been found in InterNiche NicheStack up to 4.0.1. Affected is the function wbs_loop of
Nagios XI up to 5.8.4 HTTP Request permission
A vulnerability, which was classified as critical, was found in Nagios XI up to 5.8.4 (Log Management Software). This affects
MONITORAPP AIMANAGER prior B115 HTTP Request os command injection
A vulnerability has been found in MONITORAPP AIMANAGER and classified as critical. Affected by this vulnerability is some unknown functionality
D-Link DIR-825 2.10b02 HTTP Request /vct_wan strchr memory corruption
A vulnerability has been found in D-Link DIR-825 2.10b02 (Router Operating System) and classified as critical. This vulnerability affects the
actix-http Crate up to 3.0.0-beta.8 on Rust HTTP request smuggling
A vulnerability was found in actix-http Crate up to 3.0.0-beta.8 on Rust (Rust Package). It has been classified as critical.
D-Link DSP-W215 1.10 HTTP Request usr/bin/lighttpd null pointer dereference
A vulnerability, which was classified as problematic, was found in D-Link DSP-W215 1.10. This affects some unknown processing of the
Zoho ManageEngine Asset Explorer Agent HTTP Request AEAgent.cpp heap-based overflow
A vulnerability was found in Zoho ManageEngine Asset Explorer Agent (affected version not known). It has been rated as critical.
Advantech R-SeeNet 2.4.12 HTTP Request options.php file inclusion
A vulnerability was found in Advantech R-SeeNet 2.4.12. It has been declared as critical. This vulnerability affects some unknown functionality
D-Link DIR-3040 1.13B03 HTTP Request information disclosure
A vulnerability was found in D-Link DIR-3040 1.13B03 (Router Operating System). It has been rated as problematic. This issue affects
Ubiquiti UniFi Protect G3 FLEX 4.30.0.67 HTTP Request resource consumption
A vulnerability has been found in Ubiquiti UniFi Protect G3 FLEX 4.30.0.67 and classified as problematic. Affected by this vulnerability
SING4G 4GEE Router HH70VB HH70_E1_02.00_22 HTTP Request resource consumption
A vulnerability classified as problematic was found in SING4G 4GEE Router HH70VB HH70_E1_02.00_22 (Router Operating System). Affected by this vulnerability
Moxa Mgate MB3180 2.1 HTTP Request resource consumption
A vulnerability, which was classified as problematic, was found in Moxa Mgate MB3180 2.1 (Automation Software). This affects some unknown
Opencast up to 9.5 HTTP Request xml entity expansion
A vulnerability was found in Opencast up to 9.5. It has been declared as critical. This vulnerability affects an unknown
Sharp NEC UN462A HTTP Request Remote Privilege Escalation [CVE-2021-20698]
A vulnerability was found in Sharp NEC UN462A, UN462VA, UN492S, UN492VS, UN552A, UN552S, UN552VS, UN552, UN552V, UX552S, UN552, V864Q, C861Q,
Sharp NEC UN462A HTTP Request buffer overflow [CVE-2021-20699]
A vulnerability classified as critical was found in Sharp NEC UN462A, UN462VA, UN492S, UN492VS, UN552A, UN552S, UN552VS, UN552, UN552V, UX552S,
Tenda N300 Authentication Bypass via Malformed HTTP Request Header
Overview : Tenda N300 allows Authentication Bypass vuln through Malformed HTTP Request Affected Product(s) : N300/N301 Router Vulnerability Details :
CVE-2024-12840 : RED HAT SATELLITE HTTP PROXY SERVER-SIDE REQUEST FORGERY
Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with
CVE-2024-44466 : COMFAST CF-XR11 2.7.2 HTTP POST REQUEST /USR/BIN/WEBMGNT SUB_424CB4 IFACE COMMAND INJECTION
Description COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt
CVE-2024-6342 : ZYXEL NAS326/NAS542 UP TO 5.21 HTTP POST REQUEST OS COMMAND INJECTION
Description **UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and
CVE-2024-45388 : SPECTOLABS HOVERFLY UP TO 1.10.2 HTTP POST REQUEST /API/V2/SIMULATION INFORMATION DISCLOSURE
Description Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST
CVE-2024-29972 : ZYXEL NAS326/NAS542 PRIOR 5.21 HTTP POST REQUEST REMOTE_HELP-CGI OS COMMAND INJECTION
Description ** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program “remote_help-cgi” in Zyxel NAS326 firmware versions
CVE-2023-51441 : APACHE AXIS 1.X SERVICE ADMIN HTTP API SERVICEFACTORY.JAVA SERVER-SIDE REQUEST FORGERY
Description ** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin
CVE-2023-7095 : TOTOLINK A7100RU 7.4CU.2313_B20191024 HTTP POST REQUEST CSTECGI.CGI MAIN FLAG BUFFER OVERFLOW
Description A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is
CVE-2023-48782 : FORTINET FORTIWLM UP TO 8.6.5 HTTP GET REQUEST OS COMMAND INJECTION
Description A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiWLM version 8.6.0