Astra Linux - уязвимость в net-snmp

The handleipv6IpForwarding function in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP version 5.4.3 to 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...

QNAP Systems QuNetSwitch 操作系统命令注入漏洞

QNAP Systems QuNetSwitch is a network management software developed by QNAP Systems, a company based in Taiwan, China. It provides centralized switch management and network configuration monitoring capabilities. Previous versions of QNAP Systems QuNetSwitch, including 2.0.4.0415, had a...

D-Link Nuclias Connect 安全漏洞

D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points APs, supporting multi-device remote control and reporting capabilities. An observable response difference vulnerability exists in D-Link Nuclias Connect that stems from an...

EUVD-2019-10476

Malware in sbrugna...

Advantech iView Cross-Site Scripting Vulnerability (CNVD-2025-17826)

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A cross-site scripting vulnerability exists in Advantech iView due to improper validation of user-supplied input. An attacker could use this vulnerability to execute...

Zyxel CloudCNM SecuManager Hardcoding Vulnerability

Zyxel ZyXEL CloudCNM SecuManager is a set of network management software from Zyxel, Taiwan, China. Zyxel CloudCNM SecuManager ejabberd has a hard-coded vulnerability that can be exploited by remote attackers to submit special requests for unauthorized access to the application system...

Zyxel CloudCNM SecuManager 安全漏洞

Zyxel ZyXEL CloudCNM SecuManager is a network management software from Zyxel, Taiwan, China. requests to gain unauthorized access to the system...

Cisco IOS XE SD-WAN Software和Cisco SD-WAN 输入验证错误漏洞

Cisco IOS XE SD-WAN Software and Cisco SD-WAN are both products of Cisco U.S.A. Cisco IOS XE SD-WAN Software is a software for network management software-defined networking applied to the Cisco IOS XE network operating system. The Cisco IOS XE SD-WAN and Cisco SD-WAN are vulnerable to a path...

Net-SNMP 代码问题漏洞

Net-SNMP is an open source Simple Network Management Protocol SNMP software. The software is used to monitor network devices, computer devices, UPS devices, and more. A code issue vulnerability exists in Net-SNMP that stems from a misformatted OID in the SET of the nsVacmAccessTable that could...

Schneider Electric ConneXium Network Manager Software 安全漏洞

Schneider Electric ConneXium Network Manager Software Schneider Electric Cnm is an industrial Ethernet network management software from Schneider Electric France. A security vulnerability exists in the Schneider Electric ConneXium Network Manager Software. An attacker with physical access could...

Moxa MXview Detection Consolidation

Consolidation of Moxa MXview detections. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; if description...

Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login

Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device. MXview... This is...

Moxa MXView Series Web Application authentication bypass vulnerability

Summary An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to unauthorized access. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Moxa MXView Series 3.2.4...

Moxa MXView Series Web Application information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Moxa MXView Series 3.2....

Airspan Networks Mmp SQL注入漏洞

Airspan Networks Mmp is an advanced standalone network management software platform for Mimosa fixed wireless devices from Airspan Networks, Inc. Airspan Networks Mmp is vulnerable to SQL injection, which can be exploited by attackers to perform SQL injection and obtain sensitive information...

Airspan Networks Mmp 加密问题漏洞

Airspan Networks Mmp is an advanced standalone network management software platform for Mimosa fixed wireless devices from Airspan Networks, U.S.A. Airspan Networks Mmp is vulnerable to an encryption issue that could be exploited by attackers to break unlisted passwords...

Security Bulletin: Apache Log4j vulnerability in DCNM Network Management Software used by IBM c-type SAN directors and switches.

Summary Apache Log4j Java logging library vulnerability - CVE-2021-44228 affecting versions prior to v2.15 impacts DCNM Network Management Software. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused ...

Draytek VigorConnect Cross-Site Request Forgery Vulnerability

VigorConnect is the native network management software for DrayTek devices.A cross-site request forgery vulnerability exists in Draytek VigorConnect version 1.6.0-B3. No details of the vulnerability are currently available...

CVE-2021-38454

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries...

CVE-2021-38456

A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords...