Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lighttpd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41228
D-Link DIR-3040 prog.cgi SetUsersSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to expl...
NA
CVE-2023-41229
D-Link DIR-3040 HTTP Request Processing Referer Heap-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not require...
NA
CVE-2023-41216
D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to...
NA
CVE-2023-41223
D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required ...
NA
CVE-2023-41222
D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to explo...
NA
CVE-2023-27360
NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific...
NA
CVE-2023-35720
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability. T...
NA
CVE-2023-51631
D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to ex...
NA
CVE-2007-2841
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3947. Reason: This candidate is a reservation duplicate of CVE-2007-3947. Notes: All CVE users should reference CVE-2007-3947 instead of this candidate. All references and descriptions in this candidate have ...
NA
CVE-2016-1000212
Dominic Scheirlinck and Scott Geary of Vend reported insecure behavior in the lighttpd web server. Lighttpd assigned Proxy header values from client requests to internal HTTP_PROXY environment variables, allowing remote attackers to carry out Man in the Middle (MITM) attacks or i...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »