The vulnerability of the command-line interface of Cisco IOS XR allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the command-line interface of Cisco IOS XR systems is related to improper validation of arguments passed to a specific CLI command. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software lies in the improper assignment of permissions for critical resources, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of ASUS RT-AX55, RT-AX55 V2, RT-AX56U, RT-AX56U V2, RT-AX57, RT-AX58U, and RT-AX58U V2 router microprogramming software lies in insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of ASUS RT-AX55, RT-AX55 V2, RT-AX56U, RT-AX56U V2, RT-AX57, RT-AX58U, and RT-AX58U V2 microprogrammed router software is related to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...

The vulnerability of the Central Web Authentication (CWA) component of the Cisco IOS XE operating system allows a hacker to bypass the authentication process and gain access to the protected network segment.

The vulnerability of the Central Web Authentication CWA component in the Cisco IOS XE operating system is related to logical errors in the implementation of the access control list ACL. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures and gain access to t...

CVE-2024-20489

A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running...

The vulnerability of the UploadCustomModule function in the cgi-bin/cstecgi.cgi file of the TOTOLINK CP900 router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the UploadCustomModule function in the cgi-bin/cstecgi.cgi file of the TOTOLINK CP900 router’s microprogramming system is related to the issue of data being written outside the buffer during the processing of the File parameter. Exploiting this vulnerability allows a maliciou...

SUSE CVE-2021-26928

BIRD through 2.0.7 does not provide functionality for password authentication of BGP peers. Because of this, products that use BIRD which may, for example, include Tigera products in some configurations, as well as products of other vendors may have been susceptible to route redirection for Denia...

The vulnerability of Huawei’s microprogrammed router software, related to insufficient validation of input data, allows attackers to trigger service failures or disclose protected information.

The vulnerability of Huawei’s microprogrammed router software is related to insufficient testing of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures or expose protected information...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from a vulnerabili...

CVE-2024-20327

A vulnerability in the PPP over Ethernet PPPoE termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the pppma process, resulting in a denial of service DoS condition. This vulnerability is du...

The vulnerability of the genacgi_main function in the D-LINK GO-RT-AC750 router software allows a hacker to execute arbitrary commands.

The vulnerability of the genacgimain function in the D-LINK GO-RT-AC750 router microprogramming system is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the devinfo interface in D-Link’s microprogrammed router software allows a intruder to gain unauthorized access to protected information.

The vulnerability of the devinfo interface in D-Link’s microprogrammed router software is related to insufficient protection of operational data during the processing of the area parameter. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information by...

The vulnerability of the flupl function in Python-based D-Link G416 router software allows a hacker to execute arbitrary code.

The vulnerability of the flupl function in D-Link G416 router software lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by connecting to port 80...

The vulnerability of the dropbearpwd component in the TP-Link TL-WR841N router’s microprogramming software allows a intruder to gain unauthorized access to protected information.

The vulnerability of the dropbearpwd component in the TP-Link TL-WR841N router’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of function sub_417338 in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of sub417338 in the microprogramming software of the TOTOLINK X6000R router is related to errors in the code. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

The vulnerability of the web interface of Netgear WNDR3700 microprogramming software allows a hacker to trigger a service failure.

The vulnerability of the web interface of Netgear WNDR3700 router software lies in improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVE-2023-46306

The web administration interface in NetModule Router Software NRSW 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php deviceid parameter. This occurs because another thread can be start...

CVE-2023-46306

The web administration interface in NetModule Router Software NRSW 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php deviceid parameter. This occurs because another thread can be start...

Design/Logic Flaw

The web administration interface in NetModule Router Software NRSW 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php deviceid parameter. This occurs because another thread can be start...