Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lighttpd lighttpd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41223
D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required ...
NA
CVE-2023-41224
D-Link DIR-3040 prog.cgi SetDeviceSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exp...
NA
CVE-2023-41226
D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required t...
NA
CVE-2023-44423
D-Link DIR-X3260 SetTriggerPPPoEValidate Password Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required...
NA
CVE-2023-35720
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability. T...
NA
CVE-2023-41222
D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to explo...
NA
CVE-2023-27360
NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific...
NA
CVE-2023-51631
D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to ex...
8.8
CVSSv3
CVE-2022-41140
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the lighttpd service, which listens on TCP port...
Dlink Dir-882-us Firmware
Dlink Dir-867 Firmware
Dlink Dir-878 Firmware
7.5
CVSSv3
CVE-2022-41556
A resource leak in gw_backend.c in lighttpd 1.4.56 up to and including 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use o...
Lighttpd Lighttpd
Fedoraproject Fedora 35
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »