53 matches found
Cisco IOS XE Software Lobby Ambassador Privilege Escalation (cisco-sa-iosxe-lobby-privesc-KwxBqJy)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would...
CVE-2026-20114
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...
Vulnerabilities fixed in Cisco IOS XE Software
Cisco has fixed vulnerabilities in Cisco IOS XE Software, specifically for several products such as Catalyst 9000 Series Switches, Catalyst CW9800 Family, and Cisco Meraki. The vulnerabilities include several issues, such as a memory leak in the IKEv2 implementation, vulnerabilities in the DHCP...
EUVD-2026-15445
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...
CVE-2026-20114
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...
CVE-2026-20114
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...
CVE-2026-20114
Cisco IOS XE Lobby Ambassador web-based management API has a vulnerability where an authenticated Lobby Ambassador can bypass validation to create a new user with privilege level 1 access, enabling access to management APIs. Root cause: insufficient validation of API parameters. Impact: privilege...
CVE-2026-20114
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...
Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...
PT-2026-27797
Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the Lobby Ambassador web-based management API of Cisco IOS XE Software that could allow an authenticated, remote attacker to gain elevated privileges and access...
Malicious Package
Overview mtls-ambassador is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in mtls-ambassador (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7751747bc3d849e8a9b44fe993f8e2e3a5779f8c940573453433084eb4d3a07b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-35755
Malicious code in mtls-ambassador npm...
MAL-2025-48579 Malicious code in mtls-ambassador (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7751747bc3d849e8a9b44fe993f8e2e3a5779f8c940573453433084eb4d3a07b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-13897
Malicious code in bioql PyPI...
EUVD-2023-24410
Malicious code in bioql PyPI...
EUVD-2025-13905
Malicious code in bioql PyPI...
Malicious code in ambassador-node (npm)
The package ambassador-node was found to contain malicious code...
Malicious code in ambassador-robots (npm)
The package ambassador-robots was found to contain malicious code...
MAL-2025-14425 Malicious code in ambassador-node (npm)
The package ambassador-node was found to contain malicious code...