1476 matches found
CVE-2025-20272 Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...
Cisco Prime Infrastructure and Evolved Programmable Network Manager Blind SQL Injection Vulnerability
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...
Cisco Evolved Programmable Network Manager和Cisco Prime Infrastructure SQL注入漏洞
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are both products of Cisco, Inc.Cisco Evolved Programmable Network Manager is a network management Cisco Prime Infrastructure is a software application that simplifies the management of wireless and wired networks. Cisco...
PT-2025-29852 · Cisco · Cisco Prime Infrastructure +1
Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description: A vulnerability exists in a subset of REST APIs in Cisco Prime Infrastructure and Cisco...
CVE-2025-52953
An Expected Behavior Violation vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a valid BGP UPDATE packet to cause a BGP session reset, resulting in a Denial of Service DoS. Continuous receipt an...
CVE-2025-52954
A Missing Authorization vulnerability in the internal virtual routing and forwarding VRF of Juniper Networks Junos OS Evolved allows a local, low-privileged user to gain root privileges, leading to a system compromise. Any low-privileged user with the capability to send packets over the internal...
CVE-2025-52988
An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a high privileged, local attacker to escalated their privileges to root. When a user provides specifically crafted argument...
CVE-2025-52989
An Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to modify the system configuration. A user with limited configuration and commit permissions, using a specifically crafted...
CVE-2025-52985
A Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass security restrictions. When a firewall filter which is applied to the lo0 or re:mgmt interface references a prefix list with...
CVE-2025-52985
A Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass security restrictions. When a firewall filter which is applied to the lo0 or re:mgmt interface references a prefix list with...
CVE-2025-52964
A Reachable Assertion vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts...
CVE-2025-52954
A Missing Authorization vulnerability in the internal virtual routing and forwarding VRF of Juniper Networks Junos OS Evolved allows a local, low-privileged user to gain root privileges, leading to a system compromise. Any low-privileged user with the capability to send packets over the internal...
CVE-2025-52953
An Expected Behavior Violation vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a valid BGP UPDATE packet to cause a BGP session reset, resulting in a Denial of Service DoS. Continuous receipt an...
CVE-2025-52954
A Missing Authorization vulnerability in the internal virtual routing and forwarding VRF of Juniper Networks Junos OS Evolved allows a local, low-privileged user to gain root privileges, leading to a system compromise. Any low-privileged user with the capability to send packets over the internal...
CVE-2025-52946
A Use After Free vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an attacker sending a BGP update with a specifically malformed AS PATH to cause rpd to crash, resulting in a Denial of Service DoS. Continuous receipt of the...
CVE-2025-52988
An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a high privileged, local attacker to escalated their privileges to root. When a user provides specifically crafted argument...
CVE-2025-52989 Junos OS and Junos OS Evolved: Annotate configuration command can be used to change the configuration
An Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to modify the system configuration. A user with limited configuration and commit permissions, using a specifically crafted...
CVE-2025-52985
CVE-2025-52985 describes a Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved. When a firewall filter applied to the lo0 or re:mgmt interface references a prefix list and that list contains more than 10 entries, the prefix list may fail to ...
CVE-2025-52964 Junos OS and Junos OS Evolved: Receipt of a specific BGP UPDATE causes an rpd crash on devices with BGP multipath configured
A Reachable Assertion vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts...
CVE-2025-52953 Junos OS and Junos OS Evolved: An unauthenticated adjacent attacker sending a valid BGP UPDATE packet forces a BGP session reset
An Expected Behavior Violation vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a valid BGP UPDATE packet to cause a BGP session reset, resulting in a Denial of Service DoS. Continuous receipt an...