146 matches found
Cisco IOS XE Denial of Service Vulnerability (CNVD-2020-70971)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the IP Address Resolution Protocol ARP feature of Cisco IOS XE used by Cisco ASR 1000 Series Converged Services Routers. The...
CVE-2020-3508
A vulnerability in the IP Address Resolution Protocol ARP feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor ESP installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload,...
CVE-2020-3508
A vulnerability in the IP Address Resolution Protocol ARP feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor ESP installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload,...
Race condition
A vulnerability in the IP Address Resolution Protocol ARP feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor ESP installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload,...
PT-2020-17253 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers affected versions not specified Description: A vulnerability in the IP Address Resolution Protocol ARP feature could allow an unauthenticated, adjacent attacker to...
Treck TCP/IP ARP Component Input Validation Error Vulnerability
Treck TCP/IP is a suite of TCP Transmission Control Protocol/IP Internet Interconnection Protocol from Treck, Inc. dedicated to embedded systems. An input validation error vulnerability exists in the Treck TCP/IP ARP component. An attacker could exploit the vulnerability to cause an out-of-bounds...
CVE-2020-3334
A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in ...
PT-2020-2508 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions affected versions not specified Cisco Firepower Threat Defense versions affected versions not specified Description: The issue is related to the incorrect processing of ARP packets, which could allow...
Cisco NX-OS Software Data Forgery Issue Vulnerability (CNVD-2020-14755)
Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. A data forgery vulnerability exists in the Optional Broadcast Gateway feature of Cisco NX-OS Software, which arises from the program failing to properly validate received...
CVE-2020-3174
A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...
Input validation
A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...
Unspecified Vulnerability in ZyXEL GS1900 (CNVD-2019-41672)
ZyXEL GS1900 is a managed switch from ZyXEL Taiwan, China. A security vulnerability exists in the Zyxel GS1900 using firmware prior to version 2.50AAHH.0C0, which originates from the libclicmd.so library in 'cmdsystracerouteexec', 'cmd sysarpclear' and 'cmdsyspingexec' functions in the...
The vulnerability of the ZingBox Inspector, a network traffic processor, arises due to the lack of protection against ARP information spoofing. This allows attackers to increase their privileges.
The vulnerability of the ZingBox Inspector network traffic processor exists due to the lack of protection against ARP information spoofing. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
CVE-2019-15022
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that allows for the Inspector to be susceptible to ARP spoofing...
The vulnerability of D-Link router microprogramming software arises from insufficient validation of input data, allowing attackers to circumvent the separation between the host network and the guest network.
The vulnerability of D-Link router microprogramming software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to circumvent the separation between the host network and the guest network by sending a specially...
D-Link DIR-825AC G1 Access Control Error Vulnerability
The D-Link DIR-825 is an AC 1200 Wi-Fi dual-band Gigabit LAN/WAN router. A security vulnerability exists in the D-link DIR-825AC G1. The vulnerability stems from insufficient isolation between a host network and a client network established by the same device. An attacker could exploit the...
PT-2019-3096 · D Link · D-Link Dir-825Ac G1
Name of the Vulnerable Software and Affected Versions: D-link DIR-825AC G1 versions affected versions not specified Description: The issue is related to insufficient compartmentalization between a host network and a guest network established by the same device. These devices forward ARP requests...
Wind River Systems VxWorks Parameter Injection Vulnerability (CNVD-2019-25702)
Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A parameter injection vulnerability exists in Wind River Systems VxWorks. An attacker could exploit this vulnerability by sending a reverse ARP response to an affected system to assign a unicast IPv...
CVE-2018-0063
A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP requests, sent to the management interface, to exhaust the private Internal routing interfaces IRIs next-hop limit. Once the IRI next-hop database is full, no further next hops can be learned and existin...
Tcpdump ARP Parser Buffer Overflow Vulnerability
Tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer.ARP parser is one of the address resolution protocol parsers. A...