The Dark Side of Efficiency: When Network Controllers Become "God Mode" for Attackers

Imagine you build a massive corporate campus with every security control money can buy. Blast resistant doors. Biometric scanners. Guards at every entrance. Maybe something similar to the infamous Death Star. On paper, it looks fantastic. Then, somewhere along the way, somebody decides the...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from a logic...

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices, some of which could be exploited to achieve code execution. Chief among them is a remote pre-authenticated PHP archive file deserialization vulnerability CVE-2022-22241, CVSS score: 8.1 in the J-Web...

Critical F5 BIG-IP Flaw Now Under Active Attack

Attackers are exploiting a recently-patched, critical vulnerability in F5 devices that have not yet been updated. The unauthenticated remote command execution flaw CVE-2021-22986 exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full contro...

F5, CISA Warn of Critical BIG-IP and BIG-IQ RCE Bugs

F5 Networks is warning users to patch four critical remote command execution RCE flaws in its BIG-IP and BIG-IQ enterprise networking infrastructure. If exploited, the flaws could allow attackers to take full control over a vulnerable system. The company released an advisory, Wednesday, on seven...

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks

Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek. According to the report, at least two separate groups of hackers exploite...

Security Advisory - Input Validation Vulnerability in Huawei Products

Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...

Security Advisory - Double Free Memory Vulnerability in Huawei Products

Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...

Security Advisory - Improper Authentication Vulnerability in Some Huawei CloudEngine Products

Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...

Lenovo, IBM RackSwitch and BladeCenter Switch Enterprise Networking Operating System Authentication Bypass Vulnerability

Lenovo RackSwitch and BladeCenter are switches from Lenovo in China.IBM RackSwitch and BladeCenter are switches from IBM in the U.S. Enterprise Networking Operating System ENOS is a set of enterprise networking operating systems that run on them. Enterprise Networking Operating System ENOS is a s...

CVE-2017-3765

In Enterprise Networking Operating System ENOS in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when...