1679 matches found
CVE-2026-20108
The CVE-2026-20108 affects Cisco Catalyst SD-WAN Manager’s web-based management interface. The issue is insufficient validation of user input , enabling an authenticated, remote attacker to entice a user to click a crafted link and trigger cross-site scripting . Successful exploitation could exec...
CVE-2026-20104
A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...
CVE-2026-20104
Cisco IOS XE bootloader vulnerability (CVE-2026-20104) affects Catalyst 9200 series, ESS9300 Embedded, IE9310/IE9320 Rugged, and IE3500/IE3505 Rugged switches. Root cause: insufficient validation of boot-time software, allowing manipulation of loaded binaries to bypass boot-time integrity checks ...
CVE-2026-20086
A vulnerability in the processing of Control and Provisioning of Wireless Access Points CAPWAP packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...
CVE-2026-20086
Cisco IOS XE Wireless Controller Software (Catalyst CW9800 Family) is affected by a DoS vulnerability in CAPWAP packet processing. An unauthenticated, remote attacker can send a malformed CAPWAP packet to trigger an unexpected device reload, resulting in service disruption. Root cause: improper h...
CVE-2026-20086
A vulnerability in the processing of Control and Provisioning of Wireless Access Points CAPWAP packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...
CVE-2026-20084
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...
CVE-2026-20084
CVE-2026-20084 describes a vulnerability in the DHCP snooping feature of Cisco IOS XE Software affecting Cisco Catalyst 9000 Series switches. The issue arises from improper handling of BOOTP packets, which could allow an unauthenticated remote attacker to forward BOOTP packets between VLANs. The ...
CVE-2026-20084
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...
Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...
PT-2026-27790
Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the DHCP snooping feature that may allow a remote attacker to forward BOOTP packets between VLANs, leading to a denial of service DoS. This is caused by imprope...
Cisco多款产品 安全漏洞
The Cisco Catalyst 9200 Series Switches are switches produced by the American company Cisco. The Cisco Catalyst is a series of switches developed by Cisco. Several of Cisco’s products have security vulnerabilities. These vulnerabilities stem from insufficient software validation during startup,...
PT-2026-27791
Name of the Vulnerable Software and Affected Versions Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family affected versions not specified Description A flaw exists in how the software processes Control and Provisioning of Wireless Access Points CAPWAP packets. This could allo...
PT-2026-27792
Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches Cisco Catalyst ESS9300 Embedded Series Switches Cisco Catalyst IE9310 and IE9320 Rugged Series Switches Cisco IE3500 and IE3505 Rugged Series Switches Description A flaw exists in t...
Cisco IOS XE Software for Catalyst Rugged Series Switches Secure Boot Bypass (cisco-sa-xe-secureboot-bypass-B6uYxYSZ)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series...
Cisco Catalyst SD-WAN Manager XSS (cisco-sa-vmanage-xss-ZqkhP9W9)
According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...
Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 跨站脚本漏洞
Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by the American company Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. Cisco Catalyst SD-WAN Manager has a cross-site scripting vulnerability, which stems from...
PT-2026-27793
Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A flaw exists in the web-based management interface that may allow a remote attacker with valid credentials to perform a cross-site scripting XSS attack against a user...
Rapid7 Analysis: CVE-2026-20127
CVE-2026-20127: Cisco Catalyst SD-WAN Authentication Bypass Overview On 25th February 2026, Cisco published an advisory for CVE-2026-20127, a critical authentication bypass vulnerability in the vdaemon service of Cisco Catalyst SD-WAN formerly Viptela. The flaw allows an unauthenticated, remote...
Vulnerabilities fixed in Cisco Catalyst SD-WAN Manager
Cisco has fixed several vulnerabilities in the Cisco Catalyst SD-WAN Manager. The vulnerabilities are in the peering authentication mechanisms of the Cisco Catalyst SD-WAN Controller and Manager products. These vulnerabilities allow an unauthenticated remote attacker to bypass the authentication...