CVE-2023-37859

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root...

CVE-2023-37860

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon...

CVE-2023-37860

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon...

CVE-2023-37860

PHOENIX CONTACT WP 6xxx series web panels are affected in versions before 4.0.10. An unauthenticated remote attacker can obtain the read/write (r/w) SNMPv2 community string from the web panel, exposing SNMP credentials and potentially enabling indirect impact on device management. The issue is fi...

K9025: FirePass SNMP DoS vulnerability

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

SUSE CVE-2014-2285

The perltrapdhandler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service snmptrapd crash via an empty community string in an SNMP trap, which triggers a NULL pointer dereference...

Exploit for Improper Input Validation in Cisco Ios

Cisco-Smart-Exploit Cisco SmartInstall Exploit CVE-2018-0171...

UBUNTU-CVE-2022-24809

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

CVE-2022-24808

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

CVE-2022-24807

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9....

CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...

PT-2022-7447 · Net Snmp +8 · Net-Snmp +8

Name of the Vulnerable Software and Affected Versions: net-snmp versions prior to 5.9.2 Description: The issue is related to a NULL pointer dereference in the nsVacmAccessTable component of the net-snmp software. This can be caused by a user with read-write credentials using a malformed OID in a...

SDWAN Center : (CVE-1999-0517)SNMP Agent's Default Community string (PUBLIC) and SNMP 'GETBULK' Reflection DDoS

Vulnerability issue...

CVE-2020-3235

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to insufficient input...

CVE-2020-5364

Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability. The SNMPv2 services is enabled, by default, with a pre-configured community string. This community string allows read-only access to many aspects of the Isilon cluster, some of which are considered sensitive and can...

CVE-2020-5364

Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability. The SNMPv2 services is enabled, by default, with a pre-configured community string. This community string allows read-only access to many aspects of the Isilon cluster, some of which are considered sensitive and can...

Ubiquiti Inc.: SNMP Community String Disclosure to ReadOnly Users on EdgeSwitch

Read only users could execute unauthorized tasks and through SNMP community string pages. These vulnerabilities were found on EdgeSwitch 1G switch ESWH and EdgeSwitch 10G switch ESGH firmware v1.9.0. The fix for these vulnerabilities were included in the EdgeMax EdgeSwitch firmware v1.9.1 For mor...

Net-SNMPd Write Access SNMP-EXTEND-MIB arbitrary code execution (authenticated)

Targets running Net-SNMPd may be vulnerable to remote code execution. If the service user has R/W access and the attacker knows the SNMP community string value, then the attacker can manipulate the target’s SNMP extension MIBs SNMP-EXTEND-MIB to enable and achieve remote code execution on the...

Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability (CVE-2019-1969)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability that allows an unauthenticated, remote attacker to perform SNMP polling of an affected device, even when it is configured to deny SNMP traffic. The cause of this vulnerability is an incorrect length check...

CVE-2019-6572

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" All versions V15.1 Update 1, SIMATIC HMI Comfort Outdoor Panels 7" & 15" All versions V15.1 Update 1, SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F All versions V15.1 Update 1, SIMATIC WinCC...