37 matches found
The vulnerability of Cisco Small Business 220 Series Smart Switch microprogramming software lies in the lack of protection for service data. This allows a hacker to gain access to confidential login credentials or alter user passwords within the user account.
The vulnerability of the microprogrammed software of Cisco Small Business 220 Series Smart Switches lies in the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain access to login credentials or reconfigure passwords in the user account...
The vulnerability of the Link Layer Discovery Protocol (LLDP) implementation in Cisco Small Business 220 router software allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the Link Layer Discovery Protocol LLDP implementation in Cisco Small Business 220 router software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary...
CVE-2021-34779
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
CVE-2021-34775
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
Design/Logic Flaw
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
CVE-2021-34775
CVE-2021-34775 affects Cisco Small Business 220 Series Smart Switches with LLDP enabled. An unauthenticated, adjacent attacker can execute code on the device, cause a reload, or induce LLDP database corruption via LLDP processing. The attack requires being on the same Layer 2 broadcast domain. Ci...
CVE-2021-34776
CVE-2021-34776 refers to multiple vulnerabilities in the LLDP implementation of Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could execute code on the device or cause a reload, and LLDP database corruption could occur. The advisory attributes the issues to...
Cisco BPA, WSA Bugs Allow Remote Cyberattacks
A set of high-severity privilege-escalation vulnerabilities affecting Business Process Automation BPA application and Cisco’s Web Security Appliance WSA and could allow authenticated, remote attackers to access sensitive data or take over a targeted system. The first two bugs CVE-2021-1574 and...
CVE-2021-1542
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting XSS attac...
CVE-2021-1543
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting XSS attac...
Cisco Small Business 220 Series Smart Switches Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting XSS attac...
The vulnerability in the web interface for managing Cisco Small Business Series 220 routers allows a perpetrator to write arbitrary files to the device’s file system.
The vulnerability of the Cisco Small Business Series 220 router management web interface is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to write arbitrary files to the device’s file system by sending specially crafted HTTP or HTTPS...
CVE-2019-1914
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...
CVE-2019-1914
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...
CVE-2019-1913
Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The...
Authorization
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this...
Input validation
Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The...
CVE-2019-1912 Cisco Small Business 220 Series Smart Switches Authentication Bypass Vulnerability
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this...
Cisco Small Business 220 Series Smart Switches Authorization Issues Vulnerability
Cisco Small Business 220 Series Smart Switches is a small smart switch device from Cisco USA. An authorization issue vulnerability exists in Cisco Small Business 220 Series Smart Switches. An attacker can exploit this vulnerability by sending a malicious request to upload arbitrary files...
Cisco Small Business 220 Series Smart Switches Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The...