CVE-2019-6572

CVE-2019-6572 affects Siemens SIMATIC HMI Comfort Panels (4"–22"), Comfort Outdoor Panels (7"/15"), KTP Mobile Panels, WinCC Runtime Advanced/Professional, WinCC (TIA Portal) and HMI Classic Devices all versions before V15.1 Update 1. The root cause is use of a hardcoded SNMP community string ena...

DEBIAN-CVE-2019-11025

In clearFilter in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string SNMP Options in the View poller cache, leading to XSS...

CVE-2019-11025

In clearFilter in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string SNMP Options in the View poller cache, leading to XSS...

CVE-2019-11025

CVE-2019-11025 affects Cacti prior to 1.2.3; the issue is an XSS in the SNMP Options printed value in the View poller cache due to lack of escaping in utilities.php. Impact is cross-site scripting; exploitation is possible via printing unescaped SNMP community strings. Mitigation: upgrade to a fi...

CVE-2019-11025

In clearFilter in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string SNMP Options in the View poller cache, leading to XSS...

SNMP Login Failed For Authenticated Checks

It was NOT possible to login using the provided SNMPv1 / SNMPv2 community string / SNMPv3 credentials. Hence version checks based on SNMP might not work if no other default community string was found. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a...

SNMP Login Successful For Authenticated Checks

It was possible to login using the provided SNMPv1 / SNMPv2 community string / SNMPv3 credentials. Hence version checks based on SNMP are working. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

net-snmp 5.7.3 - Authenticated Denial of Service Exploit

Exploit for linux platform in category dos / poc / | | | / / | | -| || -| | | . | ||/ ||||| ||||||| | || 2018-10-08 NET-SNMP REMOTE DOS =================== Second bug is remotely exploitable only with knowledge of the community string in this case "public" leading to Denial of Service: echo -n...

net-snmp 5.7.3 Denial Of Service

/ | | | / / | | -| || -| | | . | ||/ ||||| ||||||| | || 2018-10-08 NET-SNMP REMOTE DOS =================== Second bug is remotely exploitable only with knowledge of the community string in this case "public" leading to Denial of Service: echo -n...

net-snmp 5.7.3 - (Authenticated) Denial of Service (PoC)

/ | | | / / | | -| || -| | | . | ||/ ||||| ||||||| | || 2018-10-08 NET-SNMP REMOTE DOS =================== Second bug is remotely exploitable only with knowledge of the community string in this case "public" leading to Denial of Service: echo -n...

CVE-2018-0329

A vulnerability in the default configuration of the Simple Network Management Protocol SNMP feature of Cisco Wide Area Application Services WAAS Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP. The vulnerability is due to a hard-coded,...

CVE-2018-0329

A vulnerability in the default configuration of the Simple Network Management Protocol SNMP feature of Cisco Wide Area Application Services WAAS Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP. The vulnerability is due to a hard-coded,...

Cisco Wide Area Application Services Software Static SNMP Credentials Vulnerability

Cisco Wide Area Application Services WAAS Software is the United States Cisco Cisco company's set of WAN link acceleration software. The software is mainly used for small bandwidth and high latency link environment. A security vulnerability in the default configuration of the Simple Network...

CVE-2018-0160

A vulnerability in Simple Network Management Protocol SNMP subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper management of memory resources, referred to as a double free. An attacker...

CVE-2018-0160

A vulnerability in Simple Network Management Protocol SNMP subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper management of memory resources, referred to as a double free. An attacker...

Cisco IOS SNMP Remote Code Execution

!/usr/bin/env python if False: ''' CVE-2017-6736 / cisco-sa-20170629-snmp Cisco IOS remote code execution =================== This repository contains Proof-Of-Concept code for exploiting remote code execution vulnerability in SNMP service disclosed by Cisco Systems on June 29th 2017 - Descriptio...

CVE-2017-5258

In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration file over SNMP with XSS strings in certain SNMP OIDs, serve it via HTTP, and the affected device will perform a configuration restore using...

CVE-2017-5262

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only RO community string has access to sensitive information by OID reference...

CVE-2017-6783

A vulnerability in SNMP polling for the Cisco Web Security Appliance WSA, Email Security Appliance ESA, and Content Security Management Appliance SMA could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an...

CVE-2017-6783

A vulnerability in SNMP polling for the Cisco Web Security Appliance WSA, Email Security Appliance ESA, and Content Security Management Appliance SMA could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an...