CVE-2020-8580

SANtricity OS Controller Software version 11.30 and later is vulnerable to a DoS flaw: an unauthenticated attacker with access to the system can cause denial of service. The connected documents confirm affected product as NetApp SANtricity OS Controller Software but do not provide a concrete root...

CVE-2020-3429

CVE-2020-3429 affects Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family. A vulnerability in WPA2/WPA3 security implementation allows an unauthenticated adjacent attacker to trigger a DoS by sending a crafted authentication packet during the WPA2/WPA3 handshake when 802....

CVE-2020-12475

TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tplink.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar...

CVE-2020-12475

The connected sources confirm a concrete vulnerability in TP-Link Omada Controller Software 3.2.6: a directory traversal flaw in com.tp_link.eap.web.portal.PortalController.getAdvertiseFile within /opt/tplink/EAPController/lib/eap-web-3.2.6.jar allows reading arbitrary files. This is a local atta...

E-Series SANtricity OS Controller Software Denial of Service Vulnerability

E-Series SANtricity OS Controller Software is a disk array OS controller. A security vulnerability in E-Series SANtricity OS Controller Software IPV6 processing allows remote attackers to exploit the vulnerability by submitting a special request, which can be used in a denial-of-service attack...

CVE-2019-17273

E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability which allows an attacker to cause a Denial of Service DoS in IPv6 environments...

CVE-2019-17273

E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability which allows an attacker to cause a Denial of Service DoS in IPv6 environments...

CVE-2019-15276

A vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially...

CVE-2019-15276

CVE-2019-15276: Cisco Wireless LAN Controller HTTP parsing DoS . The vulnerability affects Cisco WLC software (versions 8.4–8.9, 8.10 fixed) where the HTTP parsing engine fails to handle specially crafted URLs. An attacker with low privileges (or a user who can be lured to click a crafted URL) ca...

CVE-2019-1010191

marginalia 1.6 is affected by: SQL Injection. The impact is: The impact is a injection of any SQL queries when a user controller argument is added as a component. The component is: Affects users that add a component that is user controller, for instance a parameter or a header. The attack vector...

CVE-2018-5492

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution...

CVE-2018-0350

A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabilit...

Input validation

A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabilit...

CVE-2018-0348

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

Input validation

A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabilit...

Input validation

A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...

CVE-2018-0344

A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient...

CVE-2018-0350

A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabilit...

CVE-2018-0351

A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabilit...

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...