CVE-2026-20185

Cisco SG350 and SG350X Series Managed Switches are affected by a vulnerability in the SNMP subsystem (CVE-2026-20185). The issue stems from improper error handling when parsing response data for a specific SNMP request, which could allow an authenticated, remote attacker to cause a DoS condition ...

PT-2026-37654

Name of the Vulnerable Software and Affected Versions Cisco 350 Series Managed Switches SG350 affected versions not specified Cisco 350X Series Stackable Managed Switches SG350X affected versions not specified Description An issue in the Simple Network Management Protocol SNMP subsystem occurs du...

EUVD-2019-10471

Malware in sbrugna...

EUVD-2013-1194

Malware in sbrugna...

Cisco NX-OS Software Operating System Command Injection Vulnerability

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. Cisco NX-OS Software suffers from an operating system command injection vulnerability that stems from insufficient user input validation, which can be exploited by an...

CVE-2025-20181

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. A command execution vulnerability exists in Cisco NX-OS Software that stems from insufficient validation of user-supplied input. An attacker could exploit this vulnerabilit...

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 CVSS score: 9.3, has been described as an improper access contr...

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliances and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the...

Brute forcing device passwords

When working with IoT and embedded systems, brute-force password guessing attacks are an effective tool to gain access. Over the years, I’ve learned some tips and tricks to make these attacks more effective. What is brute forcing? Very simply, it’s guessing passwords so that you can find a valid...

CVE-2020-3147

A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this...

Cisco IOS Smart Install Memory Leak (cisco-sa-20160928-smi)

According to its self-reported version, Cisco IOS is affected by a denial of service DoS vulnerability in the Smart Install client feature due to incorrect handling of image list parameters. An unauthenticated, remote attacker can exploit this, by sending crafted Smart Install packets to TCP port...

Cisco NX-OS Software Privilege License and Access Control Issues Vulnerability

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. A permission and access control issue vulnerability exists in the Simple Network Management Protocol Access Control Column feature of Cisco NX-OS Software, which can be...

Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities Advisory ID: cisco-sa-20110126-csg2 http://www.cisco.com/warp/public/707/cisco-sa-20110126-csg2.shtml Revision 1.0 For Public Release 2011 January 26 1600 UTC GMT...

Cisco IOS TCP Listener Crafted Packets Remote DoS (CSCek37177)

The remote CISCO switch runs a version of IOS contains a flaw which may cause the remote router to crash when processing specially malformed TCP packets. An attacker might use these flaws to crash this router remotely. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...