CVE-2021-1509

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service DoS condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory...

PT-2021-5238 · Pulse Secure · Pulse Connect Secure

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure versions prior to 9.1R11.4 Description: A buffer overflow issue exists, allowing a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room data. This can be exploited ...

CVE-2021-31802

NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length...

Heap overflow

NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length...

NETGEAR R7000 缓冲区错误漏洞

Netgear NETGEAR R7000 is a wireless router from Netgear, Inc. A security vulnerability exists in the NETGEAR R7000 in 1.0.11.116, which stems from a failure of the network system or product to properly filter special elements of the code segment during external input data construction. An attacke...

CVE-2021-27252

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendorspecific DHCP opcode. The...

D-Link DAP-2020 安全漏洞

The D-Link DAP-2020 is a WiFi range extender from D-Link, a Taiwan-based company.TCP Transmission Control Protocol is a connection-oriented, reliable, byte-stream-based transport layer communication protocol defined by IETF RFC 793. A command injection vulnerability exists in D-Link DAP-2020...

Vulnerabilities fixed in Red Hat OpenShift container platform

Red Hat has released version 4.7.5 of its OpenShift Container Platform. A malicious party could potentially exploit them to cause a denial-of-service or execute arbitrary execute arbitrary code with root privileges. -= Red Hat =- Red Hat has made updates available for OpenShift Container Platform...

CVE-2021-27245

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7USV5210125 and Archer A7USV5200220 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue...

CVE-2021-27239

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on...

TP-Link Archer A7 安全漏洞

Tp-link TP-Link Archer A7 is a wireless router from China P&L Tp-link. A security vulnerability exists in the TP-Link Archer A7 prior to Archer C7USV5210125 and Archer A7USV5200220 AC1750 routers, which stems from a failure to properly filter IPv6 SSH connections. An attacker could exploit the...

CVE-2020-28695

CVE-2020-28695 affects Askey Fiber Router RTF3505VW-N1, and related models, enabling remote code execution and extraction of admin credentials to log into the Dashboard or SSH as root. The CVE entry describes an unauthenticated path resulting in full device compromise (CVE-2020-28695). Connected ...

Netgear NETGEAR R7800 Operating System Command Injection Vulnerability

The Netgear NETGEAR R7800 is a wireless router from Netgear, Inc. The NETGEAR R7800 suffers from an operating system command injection vulnerability that originates from the failure to properly validate a user-supplied string before executing a system call using it. An attacker could exploit the...

CVE-2020-27866

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

CVE-2020-27867

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Although authentication is required to exploit...

Svakom Siime Eye Operating System Command Injection Vulnerability

The Svakom Siime Eye is a smart home device from Svakom, USA. An operating system command injection vulnerability exists in Svakom Siime Eye. The vulnerability stems from a command injection issue in the HOST/IP section of the NFS settings menu of the web server running on the device. Arbitrary...

CVE-2021-1344

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due t...

CVE-2021-1341

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due t...

CVE-2021-1347

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due t...

CVE-2021-1329

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due t...