Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE DoS (cisco-sa-iosxr-pppma-JKWFgneW)

According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the PPP over Ethernet PPPoE termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the...

Design/Logic Flaw

A vulnerability in the PPP over Ethernet PPPoE termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the pppma process, resulting in a denial of service DoS condition. This vulnerability is du...

Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability

A vulnerability in the PPP over Ethernet PPPoE termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the pppma process, resulting in a denial of service DoS condition. This vulnerability is du...

WordPress BNG Gateway For WooCommerce Plugin <= 1.5.15 is vulnerable to Cross Site Scripting (XSS)

Software BNG Gateway For WooCommerce Type Plugin Vulnerable versions = 1.5.15 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 38c5d843616b Credits Rafie Muhammad...

WordPress BNG Gateway For WooCommerce plugin <= 1.6.10 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress BNG Gateway For WooCommerce plugin versions = 1.6.10. Solution No patched version available...

WordPress BNG Gateway For WooCommerce plugin <= 1.6.10 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress BNG Gateway For WooCommerce plugin versions = 1.6.10. Solution No patched version available...

WordPress BNG Gateway For WooCommerce plugin <= 1.6.10 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by WPScanTeam in WordPress BNG Gateway For WooCommerce plugin versions = 1.6.10. Solution Deactivate and delete. This plugin has been closed as of March 24, 2021 and is not available for download. Reason: Security Issue...

CVE-2021-0238

When a MX Series is configured as a Broadband Network Gateway BNG based on Layer 2 Tunneling Protocol L2TP, executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. An administrator can use the following CLI command to monito...

CVE-2021-0238

When a MX Series is configured as a Broadband Network Gateway BNG based on Layer 2 Tunneling Protocol L2TP, executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. An administrator can use the following CLI command to monito...

CVE-2021-0238

CVE-2021-0238 affects Junos OS on MX Series: repeatedly executing a CLI command may exhaust disk space, causing partial availability impact. Vulnerable versions include MX Series 17.3R1 and newer, up to but not including 17.4R3-S5, then 18.1–20.4 with various sub-versions listed; the issue does n...

CVE-2020-1633

Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway BNG and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded,...

CVE-2019-16298

An issue was discovered in Open Network Operating System ONOS 1.14. In the virtual broadband network gateway application org.onosproject.virtualbng, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this...

CVE-2019-0063

CVE-2019-0063 concerns Juniper Networks Junos OS on MX Series BRAS configured as BNG with DHCPv6 enabled, where a specifically crafted DHCP response on a subscriber interface can crash the jdhcpd daemon. The crash triggers an automatic restart, but repeated crafted messages may cause an extended ...