243 matches found
CVE-2024-20268
A vulnerability in the Simple Network Management Protocol SNMP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an unexpected reload of the device. This vulnerability is due to...
CVE-2024-0005
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration...
PT-2024-30548 · Mguard · Mguard
Name of the Vulnerable Software and Affected Versions: mGuard devices versions prior to firmware 8.9.3 or 10.4.1 Description: A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation. This issue allows hackers to access confidential...
The vulnerability of the Demon Routing Protocol Daemon (rpd) in Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.
The vulnerability of the Demon Routing Protocol Daemon rpd in Junos OS and Junos OS Evolved lies in the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a specially crafted SNMP request...
Command or parameter injection via unique embedded switch SNMP commands (CVE-2024-5461)
Implementation of the Simple Network Management Protocol SNMP operating on the Brocade 6547 FC5022 embedded switch blade, makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations that are only...
Cisco IOS和IOS XE 访问控制错误漏洞
Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. An access control error vulnerability exists in the Simple Network Management Protocol SNMP IPv4 access control list feature of Cisco IOS Software and IOS XE Software, which stems from the program not...
PT-2024-3809 · Cisco · Cisco Ios Xe +1
Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the implementation of the Simple Network Management Protocol SNMP IPv4 access control list ACL feature could allow an unauthenticated...
CVE-2022-24809
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2022-24810
Net-snmp vulnerability CVE-2022-24810: A malformed OID in a SET to NET-SNMP’s VACM nsVacmAccessTable can cause a NULL pointer dereference. Affected are versions prior to 5.9.2; 5.9.2 contains a patch. Mitigations: upgrade to 5.9.2+ and restrict access; use strong SNMPv3 credentials and limit IP a...
CVE-2022-24810
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2022-24809 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...
CVE-2022-24808 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...
CVE-2022-24808 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...
CVE-2022-24806
Net-snmp vulnerability CVE-2022-24806: improper input validation when SETing malformed OIDs in master agent and subagent can be triggered prior to version 5.9.2. Affected: net-snmp tools/agent; fix: upgrade to 5.9.2 or later. Mitigation note: use strong SNMPv3 credentials and avoid sharing them; ...
CVE-2022-24806
net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...
The vulnerability of the Simple Network Management Plane (SNMP) server of the Cisco IOS operating system, which allows a hacker to bypass security restrictions
The vulnerability of the Simple Network Management Plane SNMP on the Cisco IOS operating system is related to deficiencies in access control based on Access Control Lists ACLs. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...
PT-2024-20026 · Korenix · Korenix Jeti/O 6550
Name of the Vulnerable Software and Affected Versions: Korenix JetI/O 6550 version F208 Build:0817 Description: The issue concerns an information exposure vulnerability. It is related to the SNMP protocol, which transfers data in plaintext. This allows an attacker to intercept traffic and retriev...
The vulnerability of the PAN-OS operating system’s web interface allows attackers to obtain credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP.
The vulnerability of the PAN-OS operating system’s web interface is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to obtain login credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+,...
The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device allows a hacker to execute arbitrary commands.
The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
CVE-2023-48692 Azure RTOS NetX Duo Remote Code Execution Vulnerability
Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp,...