Lucene search
+L

222 matches found

The Hacker News
The Hacker News
added 2023/04/19 9:30 a.m.3 views

U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage

U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against select targets. The intrusions, per the authorities, took place in 2021 and targete...

9CVSS8.1AI score0.21424EPSS
Exploits1
OSV
OSV
added 2023/02/26 8:15 p.m.5 views

CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

9.8CVSS7.6AI score0.17399EPSS
Exploits6References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.3 views

SUSE CVE-2007-5846

The SNMP agent snmpagent.c in net-snmp before 5.4.1 allows remote attackers to cause a denial of service CPU and memory consumption via a GETBULK request with a large max-repeaters value...

7.8CVSS6.8AI score0.28966EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.5 views

SUSE CVE-2008-0960

SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...

10CVSS7.2AI score0.6879EPSS
Exploits7References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.5 views

SUSE CVE-2008-4309

Integer overflow in the netsnmpcreatesubtreecache function in agent/snmpagent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service crash via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,...

7.5CVSS7.2AI score0.04926EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.2 views

SUSE CVE-2020-15861

Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link symlink following...

7.8CVSS7AI score0.00459EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.6 views

SUSE CVE-2022-24808

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

5.9CVSS6.9AI score0.01131EPSS
Exploits0References7
OSV
OSV
added 2023/01/13 12:15 a.m.6 views

CVE-2023-22401

An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon aftmand of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. On the PTX10008 and PTX10016 platforms running Junos ...

7.5CVSS7.1AI score0.00616EPSS
Exploits0References1
OSV
OSV
added 2022/12/05 4:15 p.m.5 views

CVE-2022-45315

Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet...

9.8CVSS6.1AI score0.01255EPSS
Exploits1References1
OSV
OSV
added 2022/11/15 9:15 p.m.5 views

CVE-2022-20918

A vulnerability in the Simple Network Management Protocol SNMP access controls for Cisco FirePOWER Software for Adaptive Security Appliance ASA FirePOWER module, Cisco Firepower Management Center FMC Software, and Cisco Next-Generation Intrusion Prevention System NGIPS Software could allow an...

7.5CVSS5.8AI score0.00847EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/09 12:0 a.m.4 views

PT-2022-6089 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the Simple Network Management Protocol SNMP feature cou...

7.8CVSS6.4AI score0.00783EPSS
Exploits0References6
OSV
OSV
added 2022/10/12 1:15 a.m.4 views

CVE-2022-42711

In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser...

9.6CVSS6.1AI score0.00988EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/16 1:15 a.m.5 views

CVE-2022-36307

The AirVelocity 1500 prints SNMP credentials on its physically accessible serial port during boot. This was fixed in AirVelocity 1500 software version 15.18.00.2511 and may affect other AirVelocity and AirSpeed models...

6.8CVSS6.6AI score0.0029EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/16 1:15 a.m.8 views

CVE-2022-36310

Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other AirVelocity and AirSpeed models...

8.8CVSS7.5AI score0.01333EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/08/16 12:0 a.m.8 views

PT-2022-23303 · Airspan · Airspan Airvelocity 1500

Name of the Vulnerable Software and Affected Versions: Airspan AirVelocity 1500 versions prior to 15.18.00.2511 Description: The web management UI of the affected software displays SNMP credentials in plaintext and stores SNMPv3 credentials unhashed on the filesystem. This allows anyone with web...

9.1CVSS9.2AI score0.00621EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/07/08 11:42 a.m.60 views

CVE-2022-24809

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

6.5CVSS6.8AI score0.01105EPSS
Exploits0References4
OSV
OSV
added 2022/07/08 11:42 a.m.3 views

UBUNTU-CVE-2022-24809

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

6.5CVSS6.9AI score0.01105EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.21 views

Advantech iView SQL注入漏洞

Advantech Iview, a software based on Simple Network Protocol SNMP for managing B B SmartWorx devices from Advantech, China, is vulnerable to a SQL injection vulnerability in Advantech iView, which stems from a special element used in SQL commands that is not neutralized. An unauthorized attacker...

8.8CVSS5.9AI score0.09002EPSS
Exploits0References5
OSV
OSV
added 2022/04/27 5:15 p.m.4 views

CVE-2022-22276

A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user...

5.3CVSS5.8AI score0.00744EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/13 4:0 p.m.7 views

CVE-2022-20684

A vulnerability in Simple Network Management Protocol SNMP trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of...

7.4CVSS6.5AI score0.00503EPSS
Exploits0References2
Rows per page
Query Builder