Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-22456)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient error handling in the web UI. An attacker can exploit this...

CVE-2021-1220

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service DoS condition. These vulnerabilities are due...

Design/Logic Flaw

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service DoS condition. These vulnerabilities are due...

CVE-2021-1220 Cisco IOS XE Software Web UI Denial of Service Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service DoS condition. These vulnerabilities are due...

CVE-2021-1220

CVE-2021-1220 refers to Cisco IOS XE Software Web UI DoS vulnerabilities caused by insufficient error handling in the web UI. Affected: Cisco IOS XE web UI; attack requires authenticated user with read-only privileges, sending crafted HTTP packets to trigger web UI unresponsiveness and vty sessio...

CVE-2021-1356 Cisco IOS XE Software Web UI Denial of Service Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service DoS condition. These vulnerabilities are due...

Cisco IOS XE Software Web UI Denial of Service Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service DoS condition. These vulnerabilities are due...

Cisco IOS XE Software 输入验证错误漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient error handling in the web UI. An attacker can exploit this...

CVE-2021-1223

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this...

Cisco IOS XE Software Wireless Controller for the Catalyst 9000 Family WLAN Local Profiling DoS (cisco-sa-dclass-dos-VKh9D8k3)

According to its self-reported version, Cisco IOS XE is affected by a Denial of Service vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family. This vulnerability is due to incorrect parsing of HTTP packets while performin...

CVE-2020-3428

A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to incorrect parsing of...

CVE-2020-3428 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WLAN Local Profiling Denial of Service Vulnerability

A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to incorrect parsing of...

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)

According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this vulnerability...

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this...

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)

According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this vulnerability...

The vulnerability of the Centaur digital registrar and the TitanSMA motion accelerometer, related to deficiencies in access control, allows intruders to enhance their privileges.

The vulnerability of the Centaur digital registrator and the TitanSMA motion accelerometer is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending specially crafted HTTP packets...

Multiple Cisco Product Policy Bypass Vulnerabilities

Cisco 3000 Series Industrial Security Appliances are products of Cisco Corporation.Cisco 3000 Series Industrial Security Appliances is a 3000 Series Firewall Appliance.Cloud Cisco 3000 Series Industrial Security Appliances is a 3000 Series firewall appliance. 1000V Series Cloud Services Router is...

CVE-2020-3315 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP...

CVE-2020-3315 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP...

Wotop - Web On Top Of Any Protocol

WOTOP is a tool meant to tunnel any sort of traffic over a standard HTTP channel. Useful for scenarios where there's a proxy filtering all traffic except standard HTTPS traffic. Unlike other tools which either require you to be behind a proxy which let's you pass arbitrary traffic possibly after ...