CVE-2025-52986 Junos OS and Junos OS Evolved: When RIB sharding is configured each time a show command is executed RPD memory leaks

A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low privileged user to cause an impact to the availability of the device. When RIB sharding is enabled and a user executes one of...

CVE-2024-20343

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

CVE-2024-20289

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments for a specific CLI command. An...

CVE-2023-20234

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...

CVE-2023-28000

An improper neutralization of special elements used in an OS command vulnerability CWE-78 in FortiADC CLI 7.1.0, 7.0.0 through 7.0.3, 6.2.0 through 6.2.4, 6.1 all versions, 6.0 all versions may allow a local and authenticated attacker to execute unauthorized commands via specifically crafted...

CVE-2023-20170

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the...

CVE-2021-36179

A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution...

CVE-2021-26093

An access of uninitialized pointer CWE-824 vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command...

CVE-2025-30652

An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service DoS. When asregex-optimized is configured and a specific "show...

CVE-2025-30652

An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service DoS. When asregex-optimized is configured and a specific "show...

CVE-2025-30655 Junos OS and Junos OS Evolved: A specific CLI command will cause an RPD crash when rib-sharding and update-threading is enabled

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service DoS. When a specific "show bgp neighbor" CLI command is run, the rpd cpu...

CVE-2025-30655

CVE-2025-30655 affects Juniper Networks Junos OS and Junos OS Evolved. The issue is in the Routing Protocol Daemon (rpd) and causes a local, low-privileged attacker to trigger a Denial-of-Service by running the CLI command "show bgp neighbor" when BGP RIB sharding and update-threading are enabled...

CVE-2025-30652 Junos OS and Junos OS Evolved: Executing a specific CLI command when asregex-optimized is configured causes an rpd crash

An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service DoS. When asregex-optimized is configured and a specific "show...

CVE-2025-30652

CVE-2025-30652 affects Juniper Junos OS and Junos OS Evolved. The vulnerability is an improper handling of exceptional conditions in the routing protocol daemon (rpd) that allows a local, low-privilege attacker to trigger a Denial of Service by executing a specific CLI command when asregex-optimi...

CVE-2025-30652 Junos OS and Junos OS Evolved: Executing a specific CLI command when asregex-optimized is configured causes an rpd crash

An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service DoS. When asregex-optimized is configured and a specific "show...

CVE-2025-2858

Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser...

CVE-2025-2858 Privilege escalation vulnerability in saTECH BCU

Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser...

Cisco APIC Multiple Vulnerabilities (cisco-sa-apic-multi-vulns-9ummtg5)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by multiple vulnerabilities. - A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could...

PT-2025-8732 · Cisco · Cisco Apic

Name of the Vulnerable Software and Affected Versions: Cisco APIC affected versions not specified Description: A vulnerability in the CLI could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. The attacker must...

CVE-2021-26106

An improper neutralization of special elements used in an OS Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 and 6.2.4 through 6.2.5 may allow an authenticated attacker to execute unauthorized commands by running the kdbg CLI command with specifically crafted arguments...