Lucene search
K

37 matches found

BDU FSTEC
BDU FSTEC
added 2022/01/12 12:0 a.m.8 views

The vulnerability of Cisco Small Business 220 Series Smart Switch microprogramming software lies in the lack of protection for service data. This allows a hacker to gain access to confidential login credentials or alter user passwords within the user account.

The vulnerability of the microprogrammed software of Cisco Small Business 220 Series Smart Switches lies in the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain access to login credentials or reconfigure passwords in the user account...

7.8CVSS5.9AI score0.00604EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.6 views

The vulnerability of the Link Layer Discovery Protocol (LLDP) implementation in Cisco Small Business 220 router software allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the Link Layer Discovery Protocol LLDP implementation in Cisco Small Business 220 router software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary...

8.8CVSS8.4AI score0.00504EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/10/06 8:15 p.m.16 views

CVE-2021-34779

Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...

8.8CVSS0.00504EPSS
Exploits0References1
NVD
NVD
added 2021/10/06 8:15 p.m.28 views

CVE-2021-34775

Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...

4.3CVSS0.00398EPSS
Exploits0References1
Prion
Prion
added 2021/10/06 8:15 p.m.11 views

Design/Logic Flaw

Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...

2.9CVSS5.1AI score0.00398EPSS
Exploits0References1Affected Software16
CVE
CVE
added 2021/10/06 7:45 p.m.56 views

CVE-2021-34775

CVE-2021-34775 affects Cisco Small Business 220 Series Smart Switches with LLDP enabled. An unauthenticated, adjacent attacker can execute code on the device, cause a reload, or induce LLDP database corruption via LLDP processing. The attack requires being on the same Layer 2 broadcast domain. Ci...

4.3CVSS5AI score0.00398EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/06 7:45 p.m.55 views

CVE-2021-34776

CVE-2021-34776 refers to multiple vulnerabilities in the LLDP implementation of Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could execute code on the device or cause a reload, and LLDP database corruption could occur. The advisory attributes the issues to...

4.3CVSS5AI score0.00398EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2021/07/09 5:31 p.m.82 views

Cisco BPA, WSA Bugs Allow Remote Cyberattacks

A set of high-severity privilege-escalation vulnerabilities affecting Business Process Automation BPA application and Cisco’s Web Security Appliance WSA and could allow authenticated, remote attackers to access sensitive data or take over a targeted system. The first two bugs CVE-2021-1574 and...

9CVSS8.1AI score0.01879EPSS
Exploits0References5
NVD
NVD
added 2021/06/16 6:15 p.m.20 views

CVE-2021-1542

Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting XSS attac...

9.3CVSS0.01387EPSS
Exploits0References1
NVD
NVD
added 2021/06/16 6:15 p.m.23 views

CVE-2021-1543

Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting XSS attac...

7.2CVSS0.0932EPSS
Exploits0References1
Cisco
Cisco
added 2021/06/16 4:0 p.m.96 views

Cisco Small Business 220 Series Smart Switches Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting XSS attac...

7.5CVSS6.8AI score0.09721EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/08/13 12:0 a.m.7 views

The vulnerability in the web interface for managing Cisco Small Business Series 220 routers allows a perpetrator to write arbitrary files to the device’s file system.

The vulnerability of the Cisco Small Business Series 220 router management web interface is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to write arbitrary files to the device’s file system by sending specially crafted HTTP or HTTPS...

10CVSS5.6AI score0.17037EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2019/08/07 6:15 a.m.5 views

CVE-2019-1914

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...

7.2CVSS7.3AI score0.24852EPSS
Exploits2References2
NVD
NVD
added 2019/08/07 6:15 a.m.25 views

CVE-2019-1914

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...

9CVSS7.4AI score0.24852EPSS
Exploits2References2
NVD
NVD
added 2019/08/07 6:15 a.m.29 views

CVE-2019-1913

Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The...

10CVSS9.9AI score0.25944EPSS
Exploits2References2
Prion
Prion
added 2019/08/07 6:15 a.m.22 views

Authorization

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this...

6.4CVSS9AI score0.17037EPSS
Exploits2References2Affected Software11
Prion
Prion
added 2019/08/07 6:15 a.m.18 views

Input validation

Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The...

10CVSS9.6AI score0.25944EPSS
Exploits2References2Affected Software11
Cvelist
Cvelist
added 2019/08/07 5:45 a.m.23 views

CVE-2019-1912 Cisco Small Business 220 Series Smart Switches Authentication Bypass Vulnerability

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this...

9.1CVSS9.2AI score0.17037EPSS
Exploits2References2
CNVD
CNVD
added 2019/08/07 12:0 a.m.5 views

Cisco Small Business 220 Series Smart Switches Authorization Issues Vulnerability

Cisco Small Business 220 Series Smart Switches is a small smart switch device from Cisco USA. An authorization issue vulnerability exists in Cisco Small Business 220 Series Smart Switches. An attacker can exploit this vulnerability by sending a malicious request to upload arbitrary files...

9.1CVSS7.1AI score0.17037EPSS
Exploits2References1
Cisco
Cisco
added 2019/08/06 2:0 p.m.73 views

Cisco Small Business 220 Series Smart Switches Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The...

9.8CVSS9.9AI score0.25944EPSS
Exploits2References1
Rows per page
Query Builder