CVE-1999-0293

AAA authentication on Cisco systems allows attackers to execute commands without authorization...

EUVD-2004-0244

Malware in sbrugna...

EUVD-2008-0334

Malware in sbrugna...

CVE-2025-20170

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...

Hackers Release Second Batch of Stolen Cisco Data

IN THIS ARTICLE: Hackers have released what they claim to be the second batch of data stolen in…...

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers ISPs as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that...

SoftEtherVPN -- multiple vulnerabilities

Daiyuu Nobori reports: The SoftEther VPN project received a high level code review and technical assistance from Cisco Systems, Inc. of the United States from April to June 2023 to fix several vulnerabilities in the SoftEther VPN code. The risk of exploitation of any of the fixed vulnerabilities ...

FreeBSD : SoftEtherVPN -- multiple vulnerabilities (d821956f-1753-11ee-ad66-1c61b4739ac9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d821956f-1753-11ee-ad66-1c61b4739ac9 advisory. - Daiyuu Nobori reports: The SoftEther VPN project received a high level code review and...

CVE-2022-31734

Cisco Catalyst 2940 Series Switches are affected by a reflected cross-site scripting vulnerability in error page generation for firmware versions prior to 12.2(50)SY (2011). The issue could allow an attacker to cause arbitrary scripts to run in a user’s browser. Affected devices have been retired...

Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities

Microsoft's Patch Tuesday updates for the month of April have addressed a total of 128 security vulnerabilities spanning across its software product portfolio, including Windows, Defender, Office, Exchange Server, Visual Studio, and Print Spooler, among others. 10 of the 128 bugs fixed are rated...

Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software

Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager RCM for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 CVSS scor...

Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access

Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of...

Cisco Releases Patches 3 New Critical Flaws Affecting IOS XE Software

Networking equipment maker Cisco Systems has rolled out patches to address three critical security vulnerabilities in its IOS XE network operating system that remote attackers could potentially abuse to execute arbitrary code with administrative privileges and trigger a denial-of-service DoS...

Cisco Issues Critical Fixes for High-End Nexus Gear

Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity. The most serious of the bugs patched by Cisco rated 9.1 out of 10 could allow a remote and unauthenticated adversary to read or write arbitra...

SNMP – Simply Not My Problem. Or is it?

TL;DR: Use SNMPv3; long gone is default community strings, hello complex passwords! Remove from the internet, if required, implement a VPN solution to restrict access to only authorised parties. SNMP is a protocol used for the remote management of devices on a network. By remote, we mean access...

Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers

Networking equipment major Cisco Systems has said it does not plan to fix a critical security vulnerability affecting some of its Small Business routers, instead urging users to replace the devices. The bug, tracked as CVE-2021-1459, is rated with a CVSS score of 9.8 out of 10, and affects RV110W...

Cisco Plugs Security Hole in Small Business Routers

A popular line of small business routers made by Cisco Systems are vulnerable to a high-severity vulnerability. If exploited, the flaw could allow a remote – albeit authenticated – attacker to execute code or restart affected devices unexpectedly. Cisco issued fixes on Wednesday for the flaw in i...

WireBug - A Toolset For Voice-over-IP Penetration Testing

WireBug is a tool set for Voice-over-IP penetration testing. It is designed as a wizard which makes it easy to use. The tools are build for single using too, so every tool is its own python or bash program. Installation Install the dependencies in requirements.txt and the python dependencies in...

Cisco Patch-Palooza Tackles 29 High-Severity Bugs

Cisco Systems released a barrage of patches, Thursday, aimed at fixing bugs in the networking giant’s ubiquitous IOS operating system. The patches plug holes in a wide range of products and address denial-of-service, file overwrite and input validation attacks. The advisory was planned and part o...

Ex-Cisco Employee Pleads Guilty to Deleting 16K Webex Teams Accounts

A former Cisco Systems employee pleaded guilty this week to hacking into the networking company’s cloud infrastructure and deleting 16,000 Webex Teams accounts in 2018. Webex Teams is Cisco’s collaboration application for enterprises. In a plea agreement in a San Jose federal court, Sudhish Kasab...