Security Advisory for Post-Authentication Command Injection on Some Routers and Gateways, PSV-2018-0352
Overview : Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.52, D6400
Multiple SQL injection vulnerabilities in D-Link DSR-Routers
Overview : Multiple SQL injection vulnerabilities in D-Link DSR Routers Affected Product(s) : D-Link DSR-150 (Firmware < v1.08B44) D-Link DSR-150N
Incorrect Control over DrayTek Vigor Router
Overview : On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to
Denial of Service attack in Tenda N301 wireless routers
Overview : In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value.
What Is a Volumetric DDoS Attack?
Home What Is a Volumetric DDoS Attack? 1.9k Views 8 min. read Learning Center Related Content What Is an API
What Is Layer 3, 4, and 7 DDoS?
Home What Is Layer 3, 4, and 7 DDoS? 1.2k Views 7 min. read Learning Center Related Content What Is
Does a CDN Make a Website Faster?
Home Does a CDN Make a Website Faster? 3.2k Views 9 min. read Learning Center Related Content What Are the
What Is a Ransom DDoS (RDoS) Attack?
Home What Is a Ransom DDoS (RDoS) Attack? 1.2k Views 8 min. read Learning Center Related Content What Is an
How Do ISPs Handle Large DDoS Attacks?
Home How Do ISPs Handle Large DDoS Attacks? 1.1k Views 6 min. read Learning Center Related Content What Is Behavioral
What Is DDoS Mitigation?
Home What Is DDoS Mitigation? 2.6k Views 7 min. read Learning Center Related Content How to Stop a DDoS Attack?
What Is a DDoS Attack?
Home What Is a DDoS Attack? 67.9k Views 8 min. read Learning Center Related Content How Does a DDoS Attack
CVE-2024-20381 : CISCO IOS XR JSON-RPC API IMPROPER AUTHORIZATION
Description A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco
CVE-2024-7261 : ZYXEL NWA1123ACV3/WAC500/WAX655E/WBE530/USG LITE 60AX COOKIE HOST OS COMMAND INJECTION
Description The improper neutralization of special elements in the parameter “host” in the CGI program of Zyxel NWA1123ACv3 firmware version
CVE-2024-43414 : APOLLOGRAPHQL FEDERATION UP TO 1.52.0/2.8.4 RECURSION
Description Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice
CVE-2024-39607 : ELECOM WRC-X6000XS-G/WRC-X1500GS-B/WRC-X1500GSA-B UP TO 1.11 OS COMMAND INJECTION
Description OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the
CVE-2024-6146 : ACTIONTEC WCB6200Q 1.2L.03.5 HTTP SERVER UH_GET_POSTDATA_WITHUPLOAD STACK-BASED OVERFLOW
Description Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code
CVE-2024-3079 : ASUS ZENWIFI XT8 UP TO 3.0.0.4 STACK-BASED OVERFLOW
Description Certain models of ASUS routers have buffer overflow vulnerabilities, allowing remote attackers with administrative privileges to execute arbitrary commands
CVE-2024-28283 : LINKSYS E1000 UP TO 2.1.03 PC_CHANGE_ACT STACK-BASED OVERFLOW
Description There is stack-based buffer overflow vulnerability in pc_change_act function in Linksys E1000 router firmware version v.2.1.03 and before, leading
What Is TCP RST Floods SSL?
TCP RST Floods SSL is a form of Distributed Denial of Service (DDoS) attack that focuses on disrupting secure connections
What Are GRE-IP UDP Floods?
Generic Routing Encapsulation (GRE) is a tunneling protocol that encapsulates various network protocols within Internet Protocol (IP) packets. User Datagram
What Is An SNMP Amplification Attack? How Does SNMP Amplification Work?
Simple Network Management Protocol (SNMP) is a widely used protocol for managing and monitoring network devices. It allows network administrators
What Is SSDP Amplification Attack?
The Simple Service Discovery Protocol (SSDP) is a network protocol used by devices to discover and communicate with each other
What Is A SYN Flood Attacks?
In a TCP (Transmission Control Protocol) connection, a three-way handshake is performed between the client and the server to establish
Vulnerability Assessment And Penetration Testing (VAPT)
Why would your Business need VAPT? It is very necessary to conduct a network security audit periodically to ensure the