CVE-2026-20220 Cisco Crosswork Network Controller Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to insufficient input validation in the configuration template engine of the...

Kwetsbaarheid verholpen in Cisco Crosswork Network Controller

Cisco has identified a vulnerability in the Cisco Crosswork Network Controller. This vulnerability involves a denial-of-service attack that can be exploited by unauthorized external attackers. The attack involves overwhelming the system with a large number of connection requests, causing services...

EUVD-2026-27860

A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller CNC and Cisco Network Services Orchestrator NSO could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected system. This vulnerability is due to an inadequate...

CVE-2026-20188

Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) are affected by a denial-of-service (DoS) condition due to an inadequate rate-limiting implementation on the connection-handling mechanism. An unauthenticated remote attacker can overwhelm the system with a hig...

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory

Following the initial publication of the Security Advisory about a denial of service DoS condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator NSO, additional information has been made available to the Cisco Product Security Incident Response Team PSIRT. Upon...

PT-2026-37655

Name of the Vulnerable Software and Affected Versions Cisco Crosswork Network Controller CNC versions prior to 7.2 Cisco Network Services Orchestrator NSO versions prior to 6.4.1.3 Description An inadequate implementation of rate-limiting on incoming network connections in the connection-handling...

EUVD-2019-6913

Malware in sbrugna...

EUVD-2025-2151

Malicious code in bioql PyPI...

EUVD-2024-18096

Malicious code in bioql PyPI...

EUVD-2024-18081

Malicious code in bioql PyPI...

EUVD-2024-18084

Malicious code in bioql PyPI...

EUVD-2024-18104

Malicious code in bioql PyPI...

EUVD-2024-18041

Malicious code in bioql PyPI...

EUVD-2024-18098

Malicious code in bioql PyPI...

CVE-2025-20123

Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against users of the interface of an affected system. These vulnerabilities exist because the web-based...

CVE-2024-20369

A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator NSO could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of a parameter in an HTTP request. An...

CVE-2024-20366

A vulnerability in the Tail-f High Availability Cluster Communications HCC function pack of Cisco Crosswork Network Services Orchestrator NSO could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability exists because a user-controlled searc...

CVE-2024-20381

A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator NSO and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the...

Cisco Crosswork Network Controller Cross-Site Scripting Vulnerability

Cisco Crosswork Network Controller is a network controller from Cisco USA. The Cisco Crosswork Network Controller suffers from a stored cross-site scripting vulnerability that can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive...

The vulnerability in the web interface of the Cisco Crosswork Network Controller (CNC) allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco Crosswork Network Controller CNC management interface is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...