VARIoT IoT vulnerabilities database

TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the hostTime parameter in the NTPSyncWithHost function. TOTOLINK of EX200 A code injection vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK EX200 is a wireless N range extender developed by China's TOTOLINK Electronics. It is primarily used to extend the coverage of existing Wi-Fi networks and resolve signal dead zones. An attacker could exploit this vulnerability to execute arbitrary code

TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a Denial-of-Service (DoS) vulnerability in the RebootSystem function which can reboot the system without authorization. TOTOLINK of EX200 The firmware contains a special element sanitization vulnerability.Service operation interruption (DoS) It may be in a state. The TOTOLINK EX200 is a wireless N range extender released by China's Jiweng Electronics (TOTOLINK). It is primarily used to extend the coverage of existing Wi-Fi networks and resolve signal dead zones. The TOTOLINK EX200 suffers from a denial of service vulnerability caused by a failure to properly validate user input in the RebootSystem method

TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to start the Telnet service without authorization via the telnet_enabled parameter in the setTelnetCfg function. TOTOLINK of EX200 Firmware contains an access control vulnerability.Information may be obtained. The TOTOLINK EX200 is a wireless N range extender developed by China's TOTOLINK Electronics. It is primarily used to extend the coverage of existing Wi-Fi networks and resolve signal dead zones. The TOTOLINK EX200 has a security vulnerability due to improper permission management

In TMU_IPC_GET_TABLE, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Google of Android Exists in an out-of-bounds read vulnerability.Information may be obtained. Google Pixel is a smartphone produced by Google in the United States. The vulnerability is caused by the lack of boundary checking in the TMU_IPC_GET_TABLE module. Attackers can exploit this vulnerability to obtain local information

In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Google of Android Exists in a permission management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Google Pixel is a smartphone produced by Google in the United States

u-boot bug that allows for u-boot shell and interrupt over UART . Google of Chromecast Firmware has a lack of authentication vulnerability for critical functionality.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution. Shenzhen Tenda Technology Co.,Ltd. of AC18 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in July 2016, primarily for villa and large-sized home users

None

None

None

None

None

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. ========================================================================== Ubuntu Security Notice USN-6729-2 April 17, 2024 apache2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in Apache HTTP Server. Software Description: - apache2: Apache HTTP server Details: USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2023-38709) Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2024-24795) Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue was addressed only in Ubuntu 18.04 LTS. (CVE-2024-27316) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): apache2 2.4.29-1ubuntu4.27+esm2 Ubuntu 16.04 LTS (Available with Ubuntu Pro): apache2 2.4.18-2ubuntu3.17+esm12 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6729-2 https://ubuntu.com/security/notices/USN-6729-1 CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 . For the oldstable distribution (bullseye), these problems have been fixed in version 2.4.59-1~deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 2.4.59-1~deb12u1. We recommend that you upgrade your apache2 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202409-31 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Apache HTTPD: Multiple Vulnerabilities Date: September 28, 2024 Bugs: #928540, #935296, #935427, #936257 ID: 202409-31 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Apache HTTPD, the worst of which could result in denial of service. Affected packages ================= Package Vulnerable Unaffected ------------------ ------------ ------------ www-servers/apache < 2.4.62 >= 2.4.62 Description =========== Multiple vulnerabilities have been discovered in Apache HTTPD. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Apache HTTPD users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.62" References ========== [ 1 ] CVE-2023-38709 https://nvd.nist.gov/vuln/detail/CVE-2023-38709 [ 2 ] CVE-2024-24795 https://nvd.nist.gov/vuln/detail/CVE-2024-24795 [ 3 ] CVE-2024-27316 https://nvd.nist.gov/vuln/detail/CVE-2024-27316 [ 4 ] CVE-2024-36387 https://nvd.nist.gov/vuln/detail/CVE-2024-36387 [ 5 ] CVE-2024-38472 https://nvd.nist.gov/vuln/detail/CVE-2024-38472 [ 6 ] CVE-2024-38473 https://nvd.nist.gov/vuln/detail/CVE-2024-38473 [ 7 ] CVE-2024-38474 https://nvd.nist.gov/vuln/detail/CVE-2024-38474 [ 8 ] CVE-2024-38475 https://nvd.nist.gov/vuln/detail/CVE-2024-38475 [ 9 ] CVE-2024-38476 https://nvd.nist.gov/vuln/detail/CVE-2024-38476 [ 10 ] CVE-2024-38477 https://nvd.nist.gov/vuln/detail/CVE-2024-38477 [ 11 ] CVE-2024-39573 https://nvd.nist.gov/vuln/detail/CVE-2024-39573 [ 12 ] CVE-2024-39884 https://nvd.nist.gov/vuln/detail/CVE-2024-39884 [ 13 ] CVE-2024-40725 https://nvd.nist.gov/vuln/detail/CVE-2024-40725 [ 14 ] CVE-2024-40898 https://nvd.nist.gov/vuln/detail/CVE-2024-40898 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202409-31 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-07-29-2024-4 macOS Sonoma 14.6 macOS Sonoma 14.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT214119. Apple maintains a Security Releases page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Accounts Available for: macOS Sonoma Impact: A malicious application may be able to access private information Description: The issue was addressed with improved checks. CVE-2024-40804: IES Red Team of ByteDance apache Available for: macOS Sonoma Impact: Multiple issues in apache Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-38709: Yeto CVE-2024-24795: Yeto CVE-2024-27316: Yeto APFS Available for: macOS Sonoma Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with improved restriction of data container access. CVE-2024-40783: Csaba Fitzl (@theevilbit) of Kandji AppleMobileFileIntegrity Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40774: Mickey Jin (@patch1t) CVE-2024-40814: Mickey Jin (@patch1t) AppleMobileFileIntegrity Available for: macOS Sonoma Impact: An app may be able to leak sensitive user information Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40775: Mickey Jin (@patch1t) AppleVA Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: The issue was addressed with improved memory handling. CVE-2024-27877: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative ASP TCP Available for: macOS Sonoma Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2024-27878: CertiK SkyFall Team CoreGraphics Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40799: D4m0n CoreMedia Available for: macOS Sonoma Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-27873: Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations curl Available for: macOS Sonoma Impact: Multiple issues in curl Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 DesktopServices Available for: macOS Sonoma Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved checks. CVE-2024-40827: an anonymous researcher dyld Available for: macOS Sonoma Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A race condition was addressed with additional validation. CVE-2024-40815: w0wbox Family Sharing Available for: macOS Sonoma Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved data protection. CVE-2024-40795: Csaba Fitzl (@theevilbit) of Kandji ImageIO Available for: macOS Sonoma Impact: Processing an image may lead to a denial-of-service Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-6277 CVE-2023-52356 ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40806: Yisumi ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-40777: Junsung Lee working with Trend Micro Zero Day Initiative, and Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An integer overflow was addressed with improved input validation. CVE-2024-40784: Junsung Lee working with Trend Micro Zero Day Initiative, Gandalf4a Kernel Available for: macOS Sonoma Impact: A local attacker may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved private data redaction for log entries. CVE-2024-27863: CertiK SkyFall Team Kernel Available for: macOS Sonoma Impact: A local attacker may be able to cause unexpected system shutdown Description: An out-of-bounds read was addressed with improved input validation. CVE-2024-40816: sqrtpwn Kernel Available for: macOS Sonoma Impact: A local attacker may be able to cause unexpected system shutdown Description: A type confusion issue was addressed with improved memory handling. CVE-2024-40788: Minghao Lin and Jiaxun Zhu from Zhejiang University Keychain Access Available for: macOS Sonoma Impact: An attacker may be able to cause unexpected app termination Description: A type confusion issue was addressed with improved checks. CVE-2024-40803: Patrick Wardle of DoubleYou & the Objective-See Foundation libxpc Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: A permissions issue was addressed with additional restrictions. CVE-2024-40805 Messages Available for: macOS Sonoma Impact: An app may be able to view a contact's phone number in system logs Description: The issue was addressed with improved checks. CVE-2024-40832: Rodolphe BRUNETTI (@eisw0lf) NetworkExtension Available for: macOS Sonoma Impact: Private browsing may leak some browsing history Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-40796: Adam M. OpenSSH Available for: macOS Sonoma Impact: A remote attacker may be able to cause arbitrary code execution Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-6387 PackageKit Available for: macOS Sonoma Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved checks. CVE-2024-40781: Mickey Jin (@patch1t) CVE-2024-40802: Mickey Jin (@patch1t) PackageKit Available for: macOS Sonoma Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks. CVE-2024-40823: Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong PackageKit Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions. CVE-2024-27882: Mickey Jin (@patch1t) CVE-2024-27883: Mickey Jin (@patch1t), and Csaba Fitzl (@theevilbit) of Kandji Photos Storage Available for: macOS Sonoma Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: An authentication issue was addressed with improved state management. CVE-2024-40778: Mateen Alinaghi Restore Framework Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: An input validation issue was addressed with improved input validation. CVE-2024-40800: Claudio Bozzato and Francesco Benvenuto of Cisco Talos Safari Available for: macOS Sonoma Impact: An app may bypass Gatekeeper checks Description: A race condition was addressed with improved locking. CVE-2023-27952: Csaba Fitzl (@theevilbit) of Offensive Security Safari Available for: macOS Sonoma Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. CVE-2024-40817: Yadhu Krishna M and Narendra Bhati, Manager of Cyber Security At Suma Soft Pvt. Ltd, Pune (India) Sandbox Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed through improved state management. CVE-2024-40824: Wojciech Regula of SecuRing (wojciechregula.blog), and Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong Sandbox Available for: macOS Sonoma Impact: An app may be able to access protected user data Description: A path handling issue was addressed with improved validation. CVE-2024-27871: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji, and Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong Scripting Bridge Available for: macOS Sonoma Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-27881: Kirin (@Pwnrin) Security Available for: macOS Sonoma Impact: Third party app extensions may not receive the correct sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. CVE-2024-40821: Joshua Jones Security Available for: macOS Sonoma Impact: An app may be able to read Safari's browsing history Description: This issue was addressed with improved redaction of sensitive information. CVE-2024-40798: Adam M. Security Initialization Available for: macOS Sonoma Impact: An app may be able to access protected user data Description: This issue was addressed with improved validation of symlinks. CVE-2024-27872: Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong Setup Assistant Available for: macOS Sonoma Impact: Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled Description: A logic issue was addressed with improved state management. CVE-2024-27862: Jiwon Park Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks. CVE-2024-40833: an anonymous researcher CVE-2024-40835: an anonymous researcher CVE-2024-40836: an anonymous researcher CVE-2024-40807: an anonymous researcher Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40834: Marcio Almeida from Tanto Security Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass Internet permission requirements Description: A logic issue was addressed with improved checks. CVE-2024-40809: an anonymous researcher CVE-2024-40812: an anonymous researcher Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass Internet permission requirements Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40787: an anonymous researcher Shortcuts Available for: macOS Sonoma Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code. CVE-2024-40793: Kirin (@Pwnrin) Siri Available for: macOS Sonoma Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device. CVE-2024-40818: Bistrit Dahal and Srijan Poudel Siri Available for: macOS Sonoma Impact: An attacker with physical access to a device may be able to access contacts from the lock screen Description: This issue was addressed by restricting options offered on a locked device. CVE-2024-40822: Srijan Poudel StorageKit Available for: macOS Sonoma Impact: A malicious app may be able to gain root privileges Description: The issue was addressed with improved checks. CVE-2024-40828: Mickey Jin (@patch1t) sudo Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks. CVE-2024-40811: Arsenii Kostromin (0x3c3e) WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 273176 CVE-2024-40776: Huang Xilin of Ant Group Light-Year Security Lab WebKit Bugzilla: 268770 CVE-2024-40782: Maksymilian Motyl WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds read was addressed with improved bounds checking. WebKit Bugzilla: 275431 CVE-2024-40779: Huang Xilin of Ant Group Light-Year Security Lab WebKit Bugzilla: 275273 CVE-2024-40780: Huang Xilin of Ant Group Light-Year Security Lab WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: This issue was addressed with improved checks. WebKit Bugzilla: 273805 CVE-2024-40785: Johan Carlsson (joaxcar) WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-40789: Seunghyun Lee (@0x10n) of KAIST Hacking Lab working with Trend Micro Zero Day Initiative WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. WebKit Bugzilla: 274165 CVE-2024-4558 WebKit Available for: macOS Sonoma Impact: Private Browsing tabs may be accessed without authentication Description: This issue was addressed through improved state management. WebKit Bugzilla: 275272 CVE-2024-40794: Matthew Butler Additional recognition AirDrop We would like to acknowledge Linwz of DEVCORE for their assistance. DiskArbitration We would like to acknowledge Yann GASCUEL of Alter Solutions for their assistance. Image Capture We would like to acknowledge an anonymous researcher for their assistance. Shortcuts We would like to acknowledge an anonymous researcher for their assistance. WebKit We would like to acknowledge an anonymous researcher for their assistance. macOS Sonoma 14.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Releases web site: https://support.apple.com/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmaoH5kACgkQX+5d1TXa IvoS9g/9FoLSV93tVrIOZIM4w/BEZRFu/T1DfMPzOsZsOrvaQicKq7ezW+pRrMXI G0QBIz1QGCYZikcbyQOpgzl9Rk7ckfq+mMCn1ESWku1DbR6MOU7lZEpWRsjYStQY ra6BRT45GPtGG0YFyQXGnxMoS5IXopV5tmgQ4M4585xXso4/Dw192Vq/68NPIB2V ywa6fCo6VC7/hHMe0v5GFVJzmSymEYF3b0CNHZVFx1K793hHrYjH1Dj4NcRlqyln Kp3IrABhPPW8l67gS6f8RicZwzWOH3Ubwv4kivlTtDusqeX+/7mlXrvGTYd5G39P 70jSwUeekfYkQYGT5yLjFCOTM98ApG4iHnryEkpNldMk9JRozoN3VT5PDv6b7EtR YsG1UiZNn0rq1TurFHdsX7G8LZX1jBe1XNy883FeuPlXuPQwGcds+Q5UpiGoM5Kj xx0SGiaK4Lg9tOsGDvHDvrtgl9vIGYy07953Gre+xUhdNs+AnG8KhwKs+n3WYjcL lH3ffMkq/NTVohaNaIcNk4YQ7Y5+y9Y0Z2YuYTmaOipxMNEpOnvJj6LB1H5Qgj4M LIuUxs1gl2b7B93J95w8FmdFewvUCgcZwTxU2ltsYAcZHnRwWE0twYP5v1Pc8tOG MZuvS0pTI+hgve1viS0inOnRpoYv+KzkaSYEhvsS16NgDuRUOqE= =eOPj -----END PGP SIGNATURE-----

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. Apache Software Foundation of Apache HTTP Server A vulnerability exists in products from multiple vendors, including improper validation of quantities specified in input.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. ========================================================================== Ubuntu Security Notice USN-6729-2 April 17, 2024 apache2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in Apache HTTP Server. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2023-38709) Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2024-24795) Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue was addressed only in Ubuntu 18.04 LTS. (CVE-2024-27316) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): apache2 2.4.29-1ubuntu4.27+esm2 Ubuntu 16.04 LTS (Available with Ubuntu Pro): apache2 2.4.18-2ubuntu3.17+esm12 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6729-2 https://ubuntu.com/security/notices/USN-6729-1 CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 . For the oldstable distribution (bullseye), these problems have been fixed in version 2.4.59-1~deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 2.4.59-1~deb12u1. We recommend that you upgrade your apache2 packages. The following advisory data is extracted from: https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6927.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. - Packet Storm Staff ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP6 security update Advisory ID: RHSA-2024:6927-03 Product: Red Hat JBoss Core Services Advisory URL: https://access.redhat.com/errata/RHSA-2024:6927 Issue date: 2024-09-24 Revision: 03 CVE Names: CVE-2023-38709 ==================================================================== Summary: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description: Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 5, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section. Security Fix(es): * jbcs-httpd24-httpd: HTTP response splitting (CVE-2023-38709) A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202409-31 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Apache HTTPD: Multiple Vulnerabilities Date: September 28, 2024 Bugs: #928540, #935296, #935427, #936257 ID: 202409-31 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Apache HTTPD, the worst of which could result in denial of service. Affected packages ================= Package Vulnerable Unaffected ------------------ ------------ ------------ www-servers/apache < 2.4.62 >= 2.4.62 Description =========== Multiple vulnerabilities have been discovered in Apache HTTPD. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Apache HTTPD users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.62" References ========== [ 1 ] CVE-2023-38709 https://nvd.nist.gov/vuln/detail/CVE-2023-38709 [ 2 ] CVE-2024-24795 https://nvd.nist.gov/vuln/detail/CVE-2024-24795 [ 3 ] CVE-2024-27316 https://nvd.nist.gov/vuln/detail/CVE-2024-27316 [ 4 ] CVE-2024-36387 https://nvd.nist.gov/vuln/detail/CVE-2024-36387 [ 5 ] CVE-2024-38472 https://nvd.nist.gov/vuln/detail/CVE-2024-38472 [ 6 ] CVE-2024-38473 https://nvd.nist.gov/vuln/detail/CVE-2024-38473 [ 7 ] CVE-2024-38474 https://nvd.nist.gov/vuln/detail/CVE-2024-38474 [ 8 ] CVE-2024-38475 https://nvd.nist.gov/vuln/detail/CVE-2024-38475 [ 9 ] CVE-2024-38476 https://nvd.nist.gov/vuln/detail/CVE-2024-38476 [ 10 ] CVE-2024-38477 https://nvd.nist.gov/vuln/detail/CVE-2024-38477 [ 11 ] CVE-2024-39573 https://nvd.nist.gov/vuln/detail/CVE-2024-39573 [ 12 ] CVE-2024-39884 https://nvd.nist.gov/vuln/detail/CVE-2024-39884 [ 13 ] CVE-2024-40725 https://nvd.nist.gov/vuln/detail/CVE-2024-40725 [ 14 ] CVE-2024-40898 https://nvd.nist.gov/vuln/detail/CVE-2024-40898 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202409-31 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-07-29-2024-4 macOS Sonoma 14.6 macOS Sonoma 14.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT214119. Apple maintains a Security Releases page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Accounts Available for: macOS Sonoma Impact: A malicious application may be able to access private information Description: The issue was addressed with improved checks. CVE-2024-40804: IES Red Team of ByteDance apache Available for: macOS Sonoma Impact: Multiple issues in apache Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-38709: Yeto CVE-2024-24795: Yeto CVE-2024-27316: Yeto APFS Available for: macOS Sonoma Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with improved restriction of data container access. CVE-2024-40783: Csaba Fitzl (@theevilbit) of Kandji AppleMobileFileIntegrity Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40774: Mickey Jin (@patch1t) CVE-2024-40814: Mickey Jin (@patch1t) AppleMobileFileIntegrity Available for: macOS Sonoma Impact: An app may be able to leak sensitive user information Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40775: Mickey Jin (@patch1t) AppleVA Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: The issue was addressed with improved memory handling. CVE-2024-27877: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative ASP TCP Available for: macOS Sonoma Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2024-27878: CertiK SkyFall Team CoreGraphics Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40799: D4m0n CoreMedia Available for: macOS Sonoma Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-27873: Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations curl Available for: macOS Sonoma Impact: Multiple issues in curl Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 DesktopServices Available for: macOS Sonoma Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved checks. CVE-2024-40827: an anonymous researcher dyld Available for: macOS Sonoma Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A race condition was addressed with additional validation. CVE-2024-40815: w0wbox Family Sharing Available for: macOS Sonoma Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved data protection. CVE-2024-40795: Csaba Fitzl (@theevilbit) of Kandji ImageIO Available for: macOS Sonoma Impact: Processing an image may lead to a denial-of-service Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-6277 CVE-2023-52356 ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40806: Yisumi ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-40777: Junsung Lee working with Trend Micro Zero Day Initiative, and Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An integer overflow was addressed with improved input validation. CVE-2024-40784: Junsung Lee working with Trend Micro Zero Day Initiative, Gandalf4a Kernel Available for: macOS Sonoma Impact: A local attacker may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved private data redaction for log entries. CVE-2024-27863: CertiK SkyFall Team Kernel Available for: macOS Sonoma Impact: A local attacker may be able to cause unexpected system shutdown Description: An out-of-bounds read was addressed with improved input validation. CVE-2024-40816: sqrtpwn Kernel Available for: macOS Sonoma Impact: A local attacker may be able to cause unexpected system shutdown Description: A type confusion issue was addressed with improved memory handling. CVE-2024-40788: Minghao Lin and Jiaxun Zhu from Zhejiang University Keychain Access Available for: macOS Sonoma Impact: An attacker may be able to cause unexpected app termination Description: A type confusion issue was addressed with improved checks. CVE-2024-40803: Patrick Wardle of DoubleYou & the Objective-See Foundation libxpc Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: A permissions issue was addressed with additional restrictions. CVE-2024-40805 Messages Available for: macOS Sonoma Impact: An app may be able to view a contact's phone number in system logs Description: The issue was addressed with improved checks. CVE-2024-40832: Rodolphe BRUNETTI (@eisw0lf) NetworkExtension Available for: macOS Sonoma Impact: Private browsing may leak some browsing history Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-40796: Adam M. OpenSSH Available for: macOS Sonoma Impact: A remote attacker may be able to cause arbitrary code execution Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-6387 PackageKit Available for: macOS Sonoma Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved checks. CVE-2024-40781: Mickey Jin (@patch1t) CVE-2024-40802: Mickey Jin (@patch1t) PackageKit Available for: macOS Sonoma Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks. CVE-2024-40823: Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong PackageKit Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions. CVE-2024-27882: Mickey Jin (@patch1t) CVE-2024-27883: Mickey Jin (@patch1t), and Csaba Fitzl (@theevilbit) of Kandji Photos Storage Available for: macOS Sonoma Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: An authentication issue was addressed with improved state management. CVE-2024-40778: Mateen Alinaghi Restore Framework Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: An input validation issue was addressed with improved input validation. CVE-2024-40800: Claudio Bozzato and Francesco Benvenuto of Cisco Talos Safari Available for: macOS Sonoma Impact: An app may bypass Gatekeeper checks Description: A race condition was addressed with improved locking. CVE-2023-27952: Csaba Fitzl (@theevilbit) of Offensive Security Safari Available for: macOS Sonoma Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. CVE-2024-40817: Yadhu Krishna M and Narendra Bhati, Manager of Cyber Security At Suma Soft Pvt. Ltd, Pune (India) Sandbox Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed through improved state management. CVE-2024-40824: Wojciech Regula of SecuRing (wojciechregula.blog), and Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong Sandbox Available for: macOS Sonoma Impact: An app may be able to access protected user data Description: A path handling issue was addressed with improved validation. CVE-2024-27871: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji, and Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong Scripting Bridge Available for: macOS Sonoma Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-27881: Kirin (@Pwnrin) Security Available for: macOS Sonoma Impact: Third party app extensions may not receive the correct sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. CVE-2024-40821: Joshua Jones Security Available for: macOS Sonoma Impact: An app may be able to read Safari's browsing history Description: This issue was addressed with improved redaction of sensitive information. CVE-2024-40798: Adam M. Security Initialization Available for: macOS Sonoma Impact: An app may be able to access protected user data Description: This issue was addressed with improved validation of symlinks. CVE-2024-27872: Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong Setup Assistant Available for: macOS Sonoma Impact: Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled Description: A logic issue was addressed with improved state management. CVE-2024-27862: Jiwon Park Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks. CVE-2024-40833: an anonymous researcher CVE-2024-40835: an anonymous researcher CVE-2024-40836: an anonymous researcher CVE-2024-40807: an anonymous researcher Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40834: Marcio Almeida from Tanto Security Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass Internet permission requirements Description: A logic issue was addressed with improved checks. CVE-2024-40809: an anonymous researcher CVE-2024-40812: an anonymous researcher Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass Internet permission requirements Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40787: an anonymous researcher Shortcuts Available for: macOS Sonoma Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code. CVE-2024-40793: Kirin (@Pwnrin) Siri Available for: macOS Sonoma Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device. CVE-2024-40818: Bistrit Dahal and Srijan Poudel Siri Available for: macOS Sonoma Impact: An attacker with physical access to a device may be able to access contacts from the lock screen Description: This issue was addressed by restricting options offered on a locked device. CVE-2024-40822: Srijan Poudel StorageKit Available for: macOS Sonoma Impact: A malicious app may be able to gain root privileges Description: The issue was addressed with improved checks. CVE-2024-40828: Mickey Jin (@patch1t) sudo Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks. CVE-2024-40811: Arsenii Kostromin (0x3c3e) WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 273176 CVE-2024-40776: Huang Xilin of Ant Group Light-Year Security Lab WebKit Bugzilla: 268770 CVE-2024-40782: Maksymilian Motyl WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds read was addressed with improved bounds checking. WebKit Bugzilla: 275431 CVE-2024-40779: Huang Xilin of Ant Group Light-Year Security Lab WebKit Bugzilla: 275273 CVE-2024-40780: Huang Xilin of Ant Group Light-Year Security Lab WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: This issue was addressed with improved checks. WebKit Bugzilla: 273805 CVE-2024-40785: Johan Carlsson (joaxcar) WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-40789: Seunghyun Lee (@0x10n) of KAIST Hacking Lab working with Trend Micro Zero Day Initiative WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. WebKit Bugzilla: 274165 CVE-2024-4558 WebKit Available for: macOS Sonoma Impact: Private Browsing tabs may be accessed without authentication Description: This issue was addressed through improved state management. WebKit Bugzilla: 275272 CVE-2024-40794: Matthew Butler Additional recognition AirDrop We would like to acknowledge Linwz of DEVCORE for their assistance. DiskArbitration We would like to acknowledge Yann GASCUEL of Alter Solutions for their assistance. Image Capture We would like to acknowledge an anonymous researcher for their assistance. Shortcuts We would like to acknowledge an anonymous researcher for their assistance. WebKit We would like to acknowledge an anonymous researcher for their assistance. macOS Sonoma 14.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Releases web site: https://support.apple.com/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmaoH5kACgkQX+5d1TXa IvoS9g/9FoLSV93tVrIOZIM4w/BEZRFu/T1DfMPzOsZsOrvaQicKq7ezW+pRrMXI G0QBIz1QGCYZikcbyQOpgzl9Rk7ckfq+mMCn1ESWku1DbR6MOU7lZEpWRsjYStQY ra6BRT45GPtGG0YFyQXGnxMoS5IXopV5tmgQ4M4585xXso4/Dw192Vq/68NPIB2V ywa6fCo6VC7/hHMe0v5GFVJzmSymEYF3b0CNHZVFx1K793hHrYjH1Dj4NcRlqyln Kp3IrABhPPW8l67gS6f8RicZwzWOH3Ubwv4kivlTtDusqeX+/7mlXrvGTYd5G39P 70jSwUeekfYkQYGT5yLjFCOTM98ApG4iHnryEkpNldMk9JRozoN3VT5PDv6b7EtR YsG1UiZNn0rq1TurFHdsX7G8LZX1jBe1XNy883FeuPlXuPQwGcds+Q5UpiGoM5Kj xx0SGiaK4Lg9tOsGDvHDvrtgl9vIGYy07953Gre+xUhdNs+AnG8KhwKs+n3WYjcL lH3ffMkq/NTVohaNaIcNk4YQ7Y5+y9Y0Z2YuYTmaOipxMNEpOnvJj6LB1H5Qgj4M LIuUxs1gl2b7B93J95w8FmdFewvUCgcZwTxU2ltsYAcZHnRwWE0twYP5v1Pc8tOG MZuvS0pTI+hgve1viS0inOnRpoYv+KzkaSYEhvsS16NgDuRUOqE= =eOPj -----END PGP SIGNATURE-----

IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Application Gateway 20.01 through 24.03 could allow a remote attacker to obtain highly sensitive private information or cause a denial of service using a specially crafted HTTP request. IBM X-Force ID: 286584

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link DNS-320L firmware, dns-120 firmware, dnr-202l firmware etc. D-Link Systems, Inc. The product contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. D-Link DNS-320L firmware, dns-120 firmware, dnr-202l firmware etc. D-Link Systems, Inc. The product contains a vulnerability related to the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with. Cisco Small Business is a switch of Cisco. The vulnerability is caused by the lack of effective filtering and escaping of user-supplied data by the application

Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter. (DoS) It may be in a state. NETGEAR R6850 is a wireless router from NETGEAR. Attackers can exploit this vulnerability to cause arbitrary command execution

An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. Netgear R6850 is a wireless router from NETGEAR