220 matches found
CVE-2022-24809
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2022-24810
Net-snmp vulnerability CVE-2022-24810: A malformed OID in a SET to NET-SNMP’s VACM nsVacmAccessTable can cause a NULL pointer dereference. Affected are versions prior to 5.9.2; 5.9.2 contains a patch. Mitigations: upgrade to 5.9.2+ and restrict access; use strong SNMPv3 credentials and limit IP a...
CVE-2022-24810
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2022-24809 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2022-24808 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...
CVE-2022-24808 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...
CVE-2022-24806
Net-snmp vulnerability CVE-2022-24806: improper input validation when SETing malformed OIDs in master agent and subagent can be triggered prior to version 5.9.2. Affected: net-snmp tools/agent; fix: upgrade to 5.9.2 or later. Mitigation note: use strong SNMPv3 credentials and avoid sharing them; ...
CVE-2022-24806
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...
The vulnerability of the Simple Network Management Plane (SNMP) server of the Cisco IOS operating system, which allows a hacker to bypass security restrictions
The vulnerability of the Simple Network Management Plane SNMP on the Cisco IOS operating system is related to deficiencies in access control based on Access Control Lists ACLs. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...
The vulnerability of the PAN-OS operating system’s web interface allows attackers to obtain credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP.
The vulnerability of the PAN-OS operating system’s web interface is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to obtain login credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+,...
The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device allows a hacker to execute arbitrary commands.
The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
CVE-2023-48692 Azure RTOS NetX Duo Remote Code Execution Vulnerability
Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp,...
The vulnerability of Siemens SINEMA Server’s network management and configuration software allows a perpetrator to execute arbitrary code with privileges of SYSTEM.
The vulnerability of Siemens SINEMA Server network management and configuration software is related to the possibility of implementing SNMP configurations. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with privileges of SYSTEM remotely...
Siemens SINEMA Server 跨站脚本漏洞
Siemens SINEMA Server is a software from Siemens, Germany, developed specifically for industrial applications. It enables you to fully visualize and monitor your network. A cross-site scripting vulnerability exists in Siemens SINEMA Server V14 due to an affected application incorrectly clearing...
PT-2023-6401 · Sinec Nms · Sinec Nms
Name of the Vulnerable Software and Affected Versions: SINEC NMS versions prior to V2.0 Description: The issue arises from the improper sanitization of certain SNMP configuration data retrieved from monitored devices. This could allow an attacker with access to a monitored device to prepare a...
PT-2023-4649 · Cisco · Cisco Fxos +1
Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances affected versions not specified Cisco UCS 6300 Series Fabric Interconnects affected versions not specified Description: A vulnerability in the Simple Network...
Moderate: net-snmp security and bug fix update
The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol SNMP, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command...
PT-2023-21550 · Hewlett Packard · Hpe Oneview
Name of the Vulnerable Software and Affected Versions: HPE OneView affected versions not specified Description: The issue concerns an HPE OneView appliance dump that may expose SNMPv3 read credentials. Recommendations: At the moment, there is no information about a newer version that contains a f...
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against select targets. The intrusions, per the authorities, took place in 2021 and targete...
CVE-2023-26602
ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...