Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7987 matches found

NVD
NVDadded 2018/07/18 11:29 p.m.12 views

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

10CVSS9.7AI score0.01183EPSS
Exploits0References2
Prion
Prionadded 2018/07/18 11:29 p.m.10 views

Input validation

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

10CVSS9.5AI score0.01183EPSS
Exploits0References2Affected Software7
NVD
NVDadded 2018/07/18 11:29 p.m.24 views

CVE-2018-0348

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

9CVSS7.2AI score0.00341EPSS
Exploits0References2
Prion
Prionadded 2018/07/18 11:29 p.m.14 views

Input validation

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

9CVSS7.2AI score0.00341EPSS
Exploits0References2Affected Software7
CVE
CVEadded 2018/07/18 11:0 p.m.52 views

CVE-2018-0392

CVE-2018-0392 affects Cisco Policy Suite: a local, authenticated attacker can access files owned by another user due to world-readable permissions in the CLI. Root cause is insufficient access controls. Exploitation requires logging into the CLI; impact is exposure of potentially sensitive user-o...

5.5CVSS5.3AI score0.00043EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2018/07/18 11:0 p.m.11 views

CVE-2018-0392

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions i.e., World-Readable. An attacker could exploit this vulnerability by logging in to the CLI. An...

5.3AI score0.00043EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2018/07/18 11:0 p.m.9 views

CVE-2018-0348

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

7.4AI score0.00341EPSS
Exploits0References2
Cvelist
Cvelistadded 2018/07/18 11:0 p.m.24 views

CVE-2018-0348

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

7.2AI score0.00341EPSS
Exploits0References2
CVE
CVEadded 2018/07/18 11:0 p.m.51 views

CVE-2018-0349

Cisco SD-WAN Solution contains a vulnerability (CVE-2018-0349) where an authenticated, remote attacker could overwrite arbitrary files on the device by abusing improper input validation of the request admin-tech command in the CLI. A successful exploit could escalate privileges to root. Affected ...

10CVSS9.5AI score0.01183EPSS
Exploits0References2Affected Software5
Vulnrichment
Vulnrichmentadded 2018/07/18 11:0 p.m.6 views

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

7.3AI score0.01183EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2018/07/18 11:0 p.m.9 views

CVE-2018-0392

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions i.e., World-Readable. An attacker could exploit this vulnerability by logging in to the CLI. An...

6.5AI score0.00043EPSS
Exploits0References2
Cvelist
Cvelistadded 2018/07/18 11:0 p.m.19 views

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

9.7AI score0.01183EPSS
Exploits0References2
CVE
CVEadded 2018/07/18 11:0 p.m.44 views

CVE-2018-0348

Cisco SD-WAN Solution CVE-2018-0348 is a command-injection vulnerability in the CLI due to insufficient input validation. It affects vBond Orchestrator Software, vEdge 100/1000/2000/5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, and vSmart Controller Softwa...

9CVSS7.2AI score0.00341EPSS
Exploits0References2Affected Software5
Cisco
Ciscoadded 2018/07/18 4:0 p.m.34 views

Cisco Policy Suite World-Readable Sensitive Data Vulnerability

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions. An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow t...

5.5CVSS1AI score0.00043EPSS
Exploits0References1
Cisco
Ciscoadded 2018/07/18 4:0 p.m.43 views

Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

8.6CVSS2.6AI score0.01183EPSS
Exploits0References1
Kitploit
Kitploitadded 2018/07/15 2:4 p.m.248 views

CloudMapper - Tool To Analyze Your Amazon Web Services (AWS) Environments

CloudMapper helps you analyze your Amazon Web Services AWS environments. The original purpose was to generate network diagrams and display them in your browser. It now contains more functionality. Demo:https://duo-labs.github.io/cloudmapper/ Intro...

6.7AI score
Exploits0References5
Kitploit
Kitploitadded 2018/07/13 10:19 p.m.32 views

ROPGenerator - Tool That Helps You Building ROP Exploits By Finding And Chaining Gadgets Together

ROPGenerator is a tool that makes ROP exploits easy. It enables you to automatically find gadgets or build ROP chains. The current version supports x86 and x64 binaries. Overview ROPGenerator uses the tool ROPgadget https://github.com/JonathanSalwan/ROPgadget to extract gadgets from binaries and...

7.1AI score
Exploits0References4
Kitploit
Kitploitadded 2018/07/07 10:41 p.m.22 views

Intrigue-Core - Discover Your Attack Surface

Intrigue-core is a framework for automated attack surface discovery. There are a number of use cases: Application and Infrastructure Asset Discovery Security Research and Vulnerability Discovery Malware Campaign Research & Indicator Enrichment Exploratory OSINT Research If you'd like assistance...

7AI score
Exploits0References4
VulnCheck KEV
VulnCheck KEVadded 2018/07/07 12:0 a.m.1 views

VulnCheck KEV: CVE-2017-1000353

Jenkins contains a remote code execution vulnerability. This vulnerability that could allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, that would be deserialized using a new ObjectInputStream, bypassing the existing blocklist-based...

9.8CVSS7.6AI score0.94479EPSS
Exploits36References1
CVE
CVEadded 2018/07/06 2:0 p.m.62 views

CVE-2018-13110

CVE-2018-13110 affects all ADB Broadband Gateways/Routers based on the Epicentro platform. The root cause is a privilege-escalation via Linux group manipulation, enabling an attacker to gain CLI access even if it was previously disabled by the ISP and to escalate privileges, potentially compromis...

8.5CVSS7.9AI score0.0778EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder