813 matches found
CVE-2026-20064
A vulnerability in of Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service DoS condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a...
CVE-2026-20016
Cisco FXOS Software CLI contains an input-validation flaw that can allow an authenticated, local attacker with admin credentials to execute arbitrary commands on the underlying OS with root privileges. Root cause: insufficient validation of user-supplied CLI arguments in the Cisco Secure Firewall...
CVE-2026-20016
A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attack...
CVE-2026-20008
A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...
CVE-2026-20017
A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...
CVE-2026-20017 Cisco Secure FTD Software Authenticated Command Injection Vulnerability
A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...
PT-2026-23022
A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...
Cisco Secure Firewall Threat Defense 参数注入漏洞
Cisco Secure Firewall Threat Defense is an integrated firewall platform developed by Cisco, a US company. Cisco Secure Firewall Threat Defense has a parameter injection vulnerability. This vulnerability stems from insufficient validation of command parameters provided by users, which may allow...
PT-2026-22976
A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, local attacker to perform arbitrary commands as root. This vulnerability is due to insufficient restrictions on remediation modules while in lockdown mode. An attacker...
Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 操作系统命令注入漏洞
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...
Cisco Secure Firewall Threat Defense 安全漏洞
Cisco Secure Firewall Threat Defense is an integrated firewall platform developed by the American company Cisco. There is a security vulnerability present in Cisco Secure Firewall Threat Defense, which stems from insufficient validation of command parameters provided by users. This vulnerability...
Cisco Secure Firewall Threat Defense 代码问题漏洞
Cisco Secure Firewall Threat Defense is an integrated firewall platform developed by the American company Cisco. There is a code vulnerability in Cisco Secure Firewall Threat Defense, which stems from improper input validation provided by users. This vulnerability could allow authenticated local...
PT-2026-23014
A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...
CVE-2025-64427
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that target internal IP addresses e.g., 127.0.0.1, localhost, or...
CVE-2025-64427
ZimaOS (a CasaOS fork for Zima devices and x86-64 with UEFI) is vulnerable to Server-Side Request Forgery (SSRF) in version 1.5.0 and earlier. An authenticated local user can craft requests to internal targets (127.0.0.1, localhost, private ranges) due to insufficient URL validation/restriction, ...
CVE-2025-64427 ZimaOS is vulnerable to Server-Side Request Forgery (SSRF)
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that target internal IP addresses e.g., 127.0.0.1, localhost, or...
PT-2026-22627
Name of the Vulnerable Software and Affected Versions ZimaOS versions prior to 1.5.1 Description ZimaOS, a fork of CasaOS, is susceptible to a flaw stemming from inadequate validation or restriction of target URLs. An authenticated local user can construct requests that target internal IP...
ZimaOS 代码问题漏洞
ZimaOS is an open-source operating system project by IceWhaleTech, aimed at providing a lightweight, high-performance, and secure operating system environment. ZimaOS versions 1.5.0 and earlier have code vulnerabilities; these vulnerabilities stem from insufficient validation or restrictions on...
Cisco Catalyst SD-WAN Manager < 20.18 Multiple Vulnerabilities (cisco-sa-sdwan-authbp-qwCX8D4v)
According to its self-reported version, Cisco Catalyst SD-WAN Manager is affected by multiple vulnerabilities: - A vulnerability could allow an unauthenticated, remote attacker to bypass authentication mechanisms and gain unauthorized access to the system. CVE-2026-20129 - A vulnerability could...
EUVD-2026-8672
A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. To exploit this vulnerability, the attacker...