80 matches found
Cisco Integrated Services Routers 1000/4000 Series HTTP Detection Engine File Policy Bypass (cisco-sa-snort-filepolbypass-67DEwMe2)
According to its version and configuration, the Cisco Software running on the remote Integrated Services Router device is affected by affected by a file policy bypass vulnerability due to the incorrect handling of a HTTP range header. An unauthenticated, remote attacker could send a carefully...
Cisco IOS XE Software for 4461 Integrated Services Routers DoS (cisco-sa-ISR4461-gKKUROhx)
According to its self-reported version, IOS-XE is affected by a denial of service vulnerability. A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload,...
Jinan Yuxia Information Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2021-12786)
Jinan Yuxia Information Technology Co., Ltd. to the Internet products and related services as the main direction, is a collection of website construction and network promotion, IDC business, software development, server hosting, telecommunications value-added services and other integrated service...
The vulnerability in the implementation of Integrated Services Digital Network (ISDN) operating systems such as Cisco IOS and Cisco IOS XE allows a attacker to induce a service failure.
The vulnerability of Cisco IOS and Cisco IOS XE operating systems for ISDN Integrated Services Digital Network implementations is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
The vulnerability of the Cisco IOS XE operating system’s monitor ROMMON mode affects Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Cisco IOS XE operating system’s monitor ROMMON mode for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers is related to access...
kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol
A vulnerability was found in the Linux kernel’s implementation of the AFISDN protocol, which does not enforce the CAPNETRAW capability. This flaw can allow unprivileged users to create a raw socket for this protocol. This could further allow the user to control the availability of an existing ISD...
Race condition
A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to incorrect processing of...
CVE-2020-3414 Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability
A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to incorrect processing of...
CVE-2020-3414
Cisco IOS XE on Cisco 4461 Integrated Services Routers is affected by a DoS vulnerability in the packet processing path. The root cause is incorrect processing of IPv4/IPv6 traffic, which allows an unauthenticated, remote attacker to cause the device to reload by sending IP traffic through or to ...
CVE-2020-3258
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
CVE-2020-3234
A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated but low-privileged, local attacker to log in to the Virtual...
CVE-2020-3258
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
CVE-2020-3198
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
Design/Logic Flaw
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...
Information disclosure
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
CVE-2020-3258
Cisco IOS Software CVE-2020-3258 affects Cisco 809/829 Industrial ISRs and CGR1000; a vulnerability in a diagnostic test CLI command can modify run-time memory, enabling an unauthenticated remote attacker or an authenticated local attacker to execute arbitrary code or cause a crash/reload. Exploi...
CVE-2020-3234
The CVE-2020-3234 issue affects Cisco IOS Software for Cisco 809/829 Industrial ISRs and CGR1000 devices, where the Virtual Device Server (VDS) authentication uses hard-coded/default credentials. A local, authenticated, low-privilege attacker can log in to VDS via the device’s virtual console and...
CVE-2020-3210
CVE-2020-3210 affects Cisco IOS Software on Cisco 809/829 Industrial ISRs and CGR1000, where the CLI parsers for VDS-related commands fail to validate input. An authenticated local attacker with privilege level 15 can inject malicious input into VDS CLI arguments, gaining arbitrary commands execu...
CVE-2020-3208
Cisco IOS Software for Cisco 809 and 829 Industrial ISRs is affected by an image verification bypass. The issue stems from insufficient access restrictions around the image verification code, allowing an authenticated attacker with valid credentials at privilege level 15 to log into the VDS and d...
CVE-2020-3208 Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass Vulnerability
A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient acce...