67 matches found
CVE-2026-20004
A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setup. An attacker could exploit this...
PT-2026-27787
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified). Description: A flaw exists in the TLS library of Cisco IOS XE Software that may allow a nearby, unauthenticated attacker to deplete the memory of a vulnerable device. This is caused by...
CVE-2026-20040
The vulnerability CVE-2026-20040 affects Cisco IOS XR Software CLI. It stems from insufficient validation of user arguments passed to specific CLI commands, allowing an authenticated, low-privilege attacker to elevate privileges to root and execute arbitrary commands on the underlying OS. The iss...
PT-2026-24728
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...
CVE-2026-20080
A vulnerability in the SSH service of Cisco IEC6400 Wireless Backhaul Edge Compute Software could allow an unauthenticated, remote attacker to cause the SSH service to stop responding. This vulnerability exists because the SSH service lacks effective flood protection. An attacker could exploit th...
EUVD-2013-3343
Malware in sbrugna...
EUVD-2015-0619
Malware in sbrugna...
EUVD-1999-0453
Malware in sbrugna...
Cisco IOS XR ARP Broadcast Storm Denial of Service (cisco-sa-iosxr-arp-storm-EjUU55yM)
According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain conditions, an attacker could exploit this vulnerability by...
CVE-2025-20315
A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, causing a denial of service (DoS) condition. This vulnerability is due to improper handling of malformed Control...
CVE-2025-20334
A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the underlying operating system. This vulnerability is due to insufficient input validation. An attacker with administrative privileges...
PT-2025-39306
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified). Description: A flaw exists in the Command Line Interface (CLI) of Cisco IOS XE Software that could allow a local attacker with administrative privileges to execute arbitrary commands as root o...
Cisco IOS XE Access Control Error Vulnerability
Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE suffers from an Access Control Error vulnerability that stems from...
PT-2025-39290
Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vEdge Software (affected versions not specified). Description: A flaw exists in how IPv4 packet access control lists (ACLs) are handled, potentially allowing a remote, unauthenticated attacker to circumvent configured ACLs. This is caus...
CVE-2013-1192
The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802...
CVE-1999-0453
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP)...
CVE-2024-20329
A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...
Cisco ATA 190 Security Vulnerability
The Cisco ATA 190 is an analog telephone adapter from Cisco USA. A security vulnerability exists in the Cisco ATA 190 that originates when the HTTP server allows state changes in GET requests. An unauthenticated, remote attacker could exploit this vulnerability to modify the configuration or rebo...
CVE-2024-20304
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An...
Cisco Device HTTP Device Manager Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Device HTTP Device Manager Access', 'Description' = %q This module gathers data from a Cisco device router or switch with the device manage...