An issue was discovered on WyreStorm Apollo VX20 versions prior to 1.3.58. Remote attackers can restart the device via a /device/reboot HTTP GET request.
71ed0ed4b76f256b8bd1404c82d84f6ea9cb5e1dc7d524c924f1e48e87fda240WyreStorm Apollo VX20 versions prior to 1.3.58 suffer from a cleartext credential disclosure vulnerability when accessing /device/config with an HTTP GET.
a6feae36b231357c01d0981614dd1286ff4a68f77ee073b39519e2b9ab1fa9aaDebian Linux Security Advisory 5618-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. An anonymous researcher discovered that a maliciously crafted webpage may be able to fingerprint the user. Wangtaiyu discovered that processing web content may lead to arbitrary code execution. Apple discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.
6da18f2f63505ce1e7bc16caeda8561a73818bb23b24d17427a1f16b8fcfce64GoAhead Web Server version 2.5 suffers from an html injection vulnerability.
24379e92a45cc4550d65aa00b2c98eadf098d5bae864bf1e06214b44e2d34384WebCatalog versions prior to 48.8 call the Electron shell.openExternal function without verifying that the URL is for an http or https resource. This vulnerability allows an attacker to potentially execute code through arbitrary protocols on the victims machine by having users sync pages with malicious URLs. The victim has to interact with the link, which can then enable an attacker to bypass security measures for malicious file delivery.
697050685574d8cbeaf2f42aaa7b87535a8f6cf1ec1ce436dac7c65634057623Apache Tomcat suffers from a client-side de-sync vulnerability via HTTP request smuggling. Apache Tomcat versions 8.5.7 through 8.5.63 and 9.0.0-M11 through 9.0.43 are vulnerable.
9daa4b224c94ad0336e94e92c1982742af04bc736d61fa10874a83b9c581e7c5TELSAT marKoni FM Transmitter version 1.9.5 has a hidden super administrative account factory that has the hardcoded password inokram25 that allows full access to the web management interface configuration.
4ca01a27bd0ca6409f7d71dc7c9c036577b1fa85f80f0723476544a5ed69de48TELSAT marKoni FM Transmitter version 1.9.5 is susceptible to unauthenticated remote code execution with root privileges. An attacker can exploit a command injection vulnerability by manipulating the Email settings' WAN IP info service, which utilizes the wget module. This allows the attacker to gain unauthorized access to the system with administrative privileges by exploiting the url parameter in the HTTP GET request to ekafcgi.fcgi.
46341d10fda6afba8c75a394bb4b32d1f7ec8fe113f6eab57560a1e8d79ab38aA vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and assigned CVE-2023-37679. Later, researchers from Horizon3.ai determined the patch to be incomplete and published a gadget chain which bypassed the deny list that the original had implemented. This second vulnerability was assigned CVE-2023-43208 and was patched in Mirth Connect version 4.4.1. This Metasploit module has been tested on versions 4.1.1, 4.3.0 and 4.4.0.
c858fd93ded0a54a221c8cbb76027c1a54979c692f2f5ec5173f8b90a63ff30fRed Hat Security Advisory 2024-0579-03 - An update for perl-HTTP-Tiny is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
305dc2f086ab6e0e53625586d951b53484607a613c38d21f967e4be258a875b9Red Hat Security Advisory 2024-0539-03 - An update for tomcat is now available for Red Hat Enterprise Linux 8. Issues addressed include a HTTP request smuggling vulnerability.
fa8e47d23f41893222add00ec7a6bbf4aed63207797d5557aa4db12b1466b6e9Red Hat Security Advisory 2024-0532-03 - An update for tomcat is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a HTTP request smuggling vulnerability.
dce485660d40f94ccbc089e2371032d2c58c266c738cd21080e6323e780ef70bThis Metasploit module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses the injection to evaluate an OGNL expression resulting in OS command execution. Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable.
39194aa16a97418685a42e7cf82542a18f6236bb69aa758c9c1945fa2ea34f1eRed Hat Security Advisory 2024-0422-03 - An update for perl-HTTP-Tiny is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
e4957a0a123d4ead65bccbb63ecc1372120a026d69b2cd8599a332bb5bf561d2Debian Linux Security Advisory 5606-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, phishing, clickjacking, privilege escalation, HSTS bypass or bypass of content security policies.
62d054980f489d3898ce1066f25faf04fd13bf8be86866e7e9ef0b8a86cbb08dMiniWeb HTTP Server version 0.8.19 remote denial of service exploit.
806cf14b7bfbe59afa0635741b17030d35d81c1c23dfffe46710ae798f71c671Ubuntu Security Notice 6594-1 - Joshua Rogers discovered that Squid incorrectly handled HTTP message processing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Joshua Rogers discovered that Squid incorrectly handled Helper process management. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Joshua Rogers discovered that Squid incorrectly handled HTTP request parsing. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.
db3db3f46c79cee5c6cf7b45a6f9a763efc55e8e7951b7556929117aafe4bdb0Ubuntu Security Notice 6590-1 - It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Xerces-C++ was not properly performing bounds checks when processing XML Schema Definition files, which could lead to an out-of-bounds access via an HTTP request. If a user or automated system were tricked into processing a specially crafted XSD file, a remote attacker could possibly use this issue to cause a denial of service.
f40dc28e3c1750f24d759d3d0e4256073e4117e784f8a54448ad19d71f59eb02MiniWeb HTTP Server version 0.8.1 remote denial of service exploit.
248b2f630c31c5b087671d0e5ed5e860b24d7c946a245d40497623ce86f5a1efUbuntu Security Notice 6582-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
efacb4bdb05b573622a6891d651f7f79948338036201cc4c73c3478731777aeeUbuntu Security Notice 6575-1 - It was discovered that Twisted incorrectly escaped host headers in certain 404 responses. A remote attacker could possibly use this issue to perform HTML and script injection attacks. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay responses and manipulate the responses of second requests.
ed3e7c5783d3f0cb002940795e80215d7f03c457363997ab4d6217f8021d22d0Ubuntu Security Notice 6038-2 - USN-6038-1 fixed several vulnerabilities in Go 1.18. This update provides the corresponding updates for Go 1.13 and Go 1.16. CVE-2022-29526 and CVE-2022-30630 only affected Go 1.16. It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
96428fafe2ad31ad48b8e46a45e50a86a01fb944d7fa801a9d326ac37683dc05Intrasrv Simple Web Server version 1.0 suffers from a denial of service vulnerability.
d7370c79e707e5078287413c0fbc8380ee94a508c9537f6674c99c31529baf05sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
11ff3ec22c20f9df79ec9d008e2f17311a5e18930cc1feb4e4ad744271565916Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow for an HTTP request smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.
fc8ce9f7d7e0b4e319fdc0f93ae787aa27d06febf30e2dbe83382cd573c9565d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed