8005 matches found

0day.today
added 2021/09/29 12:0 a.m., 311 views

Mitrastar GPT-2541GNAC-N1 - Privilege escalation Vulnerability

Exploit Title: Mitrastar GPT-2541GNAC-N1 - Privilege escalation Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.mitrastar.com Platform: Mistrastar router devices GPT-2541GNAC-N1 HGU Tested on: Firmware BRg3.5100VNZ0b33 Vulnerability analysis:...

7.4 AI score
Exploits: 0

CNVD
added 2021/09/24 12:0 a.m., 10 views

Cisco IOS and Cisco IOS XE Software Denial of Service Vulnerability

Cisco IOS and Cisco IOS XE Software are both products of Cisco, a U.S. company. Cisco IOS is a set of operating systems developed for its network devices. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network...

6.8 CVSS, 3.3 AI score, 0.01149 EPSS
Exploits: 0, Affected Software: 2

OSV
added 2021/09/23 3:15 a.m., 2 views

CVE-2021-34729

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI...

6.7 CVSS, 6.9 AI score, 0.00346 EPSS
Exploits: 0, References: 1

NVD
added 2021/09/23 3:15 a.m., 16 views

CVE-2021-34725

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An...

7.2 CVSS, 0.00346 EPSS
Exploits: 0, References: 1

NVD
added 2021/09/23 3:15 a.m., 17 views

CVE-2021-34729

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI...

7.2 CVSS, 0.00346 EPSS
Exploits: 0, References: 1

NVD
added 2021/09/23 3:15 a.m., 10 views

CVE-2021-34726

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation on certain C...

7.2 CVSS, 0.00354 EPSS
Exploits: 0, References: 1

OSV
added 2021/09/23 3:15 a.m., 3 views

CVE-2021-34723

A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command...

6.7 CVSS, 5.9 AI score, 0.00237 EPSS
Exploits: 0, References: 1

NVD
added 2021/09/23 3:15 a.m., 14 views

CVE-2021-34723

A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command...

6.9 CVSS, 0.00237 EPSS
Exploits: 0, References: 1

NVD
added 2021/09/23 3:15 a.m., 11 views

CVE-2021-34699

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this...

7.7 CVSS, 0.01149 EPSS
Exploits: 0, References: 1

OSV
added 2021/09/23 3:15 a.m., 1 views

CVE-2021-34699

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this...

7.7 CVSS, 7.1 AI score, 0.01149 EPSS
Exploits: 0, References: 1

NVD
added 2021/09/23 3:15 a.m., 15 views

CVE-2021-34696

A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a...

5.8 CVSS, 0.00967 EPSS
Exploits: 0, References: 1

OSV
added 2021/09/23 3:15 a.m., 2 views

CVE-2021-1612

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker could exploit this vulnerability by placi...

7.1 CVSS, 7.2 AI score, 0.00242 EPSS
Exploits: 0, References: 1

NVD
added 2021/09/23 3:15 a.m., 17 views

CVE-2021-1546

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an...

5.5 CVSS, 0.00225 EPSS
Exploits: 0, References: 1

Prion
added 2021/09/23 3:15 a.m., 14 views

Design/Logic Flaw

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an...

2.1 CVSS, 5.6 AI score, 0.00225 EPSS
Exploits: 0, References: 1, Affected Software: 12

Prion
added 2021/09/23 3:15 a.m., 15 views

Design/Logic Flaw

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a...

6.8 CVSS, 6.5 AI score, 0.01149 EPSS
Exploits: 0, References: 1, Affected Software: 2

Prion
added 2021/09/23 3:15 a.m., 20 views

Design/Logic Flaw

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this...

6.8 CVSS, 7.4 AI score, 0.01149 EPSS
Exploits: 0, References: 1, Affected Software: 2

Prion
added 2021/09/23 3:15 a.m., 10 views

Input validation

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation on certain C...

7.2 CVSS, 6.7 AI score, 0.00354 EPSS
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2021/09/23 3:15 a.m., 18 views

Input validation

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An...

7.2 CVSS, 6.7 AI score, 0.00346 EPSS
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2021/09/23 2:30 a.m., 8 views

CVE-2021-1546 Cisco SD-WAN Software Information Disclosure Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an...

5.5 CVSS, 6.7 AI score, 0.00225 EPSS
Exploits: 0, References: 1

Cvelist
added 2021/09/23 2:30 a.m., 26 views

CVE-2021-1546 Cisco SD-WAN Software Information Disclosure Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an...

5.5 CVSS, 5.7 AI score, 0.00225 EPSS
Exploits: 0, References: 1